About the course
This course is designed to develop practical knowledge and auditing skills based on the core audit requirements as outlined in the ISO 19011 standard. For implementation managers, understanding the requirements and the methodology employed by an external ISO 27001 auditor are crucial to the success of any ISO 27001 implementation project.
Who should attend this course?
This course is aimed at individuals who want a globally-recognised ISO 27001 lead auditor qualification to further their careers, and anyone involved in information security management, writing information security policies or implementing ISO 27001, either as a lead implementer or as part of an implementation team.
- IT/ Information Security Manager
- Compliance Auditor
- GDPR consultant
- IT/ Information Security Consultant
- Cyber Security Consultant
- Head of IT
- Information and risk manager
- IT/ Information Security Officer
- IT/ Information security analyst
- Internal Auditor
- ISMS manager
- Information Security Project Manager
- CISO (Chief Information Security Officer)
- Network manager
Why choose IT Governance for your training needs?
- We’re internationally recognised as the authority on ISO 27001 – our team led the world’s first ISO 27001 certification project, and since then we have trained more than 8,000 professionals on information security management system (ISMS) implementations and audits.
- Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
- Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
- Choose the method that suits you – we offer classroom, Live Online, distance learning, e-learning and in-house training options.
- Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
- Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.
What does the Certified ISO 27001 Lead Implementer and Lead Auditor Live Online Combination training course cover?
The course covers:
- The key concepts, principles and main requirements of ISO/IEC 27001:2013.
- The terms and definitions used in the Standard, including risk and options for risk assessments.
- How to interpret the requirements of ISO/IEC 27001:2013 to determine the scope of your ISMS.
- How to secure senior management commitment by building a compelling business case.
- How to structure and manage your ISO 27001 project.
- How to review and map your existing controls to Annex A of ISO 27001.
- The importance of the Statement of Applicability (SoA), and justifications for inclusions and exclusions.
- How to carry out an information security risk assessment – the core competence of information security management.
- How to develop a management framework, write policies and produce other critical documentation.
- The importance of staff, an effective communication strategy and general awareness training.
- The key elements of management review.
- How to prepare for your ISO 27001 certification audit and ensure you that you pass first time.
- How to manage and drive continual improvement under ISO 27001.
- An overview of the audit process used by certification bodies.
- Best-practice audit methodology based on ISO 19011.
- How to establish, maintain and manage an audit programme.
- How to plan, conduct, report, summarise and follow-up on an audit.
- Effective interviewing techniques and observation skills.
- How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
- How the audit process is used in first, second and third-party audits.
- Purpose and benefits of audits
- Role of auditors
- Role of standards in audits
- Audit terms and definitions
- Principles of auditing
- Managing an audit programme
- Performing an audit
- Observing and listening
- Reporting and Summarising Audit Findings
- Conducting Audit Follow-up
- Competence and Evaluation of Auditors
- Accredited Certification Audit specifics
- Auditing an Information Security Management System to ISO 27001:2013
What’s included in this course?
- Full course materials (digital copy provided as a PDF file);
- The ISO 27001 Certified ISMS Lead Implementer exam;
- The ISO 27001 Certified ISMS Lead Auditor exam; and
- A certificate of attendance.
What equipment should I bring?
This course is delivered as a WebEx Live Online session. Anyone booked on this course is expected to have a reliable Internet connection at their home or office. You will need to take the exam on a PC, Mac or laptop. Docked devices cannot be used when sitting the exam.
To ensure that the WebEx client works properly on your computer, we recommend using the test session functionality offered by WebEx.
This course is equivalent to 56 CPD/CPE points.
The CIS LI qualification is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification that meets the requirements of an individual applying to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).
Certified ISO 27001 Lead Implementer and Lead Auditor Live Online training course exams
Attendees sit the online ISO 27001 CIS LI examination at the end of day 3 – a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ. They also sit the online ISO 27001 Certified ISMS Lead Auditor (CIS LA) examination– a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ at the end of the course. There is no extra charge for taking these exams.
To sit the online exam you will need:
- Internet Explorer 9 (or later) or Mozilla Firefox version 16 (or later);
- Internet access for the full time of the exam;
- To deactivate the pop-up blocker; and
- A working webcam on the machine you are using to sit the exam.
What qualifications will I receive?
ISO 27001 Certified ISMS Lead Implementer (CIS LI) and ISO 27001 Certified ISMS Lead Auditor (CIS LA)
How will I receive my exam results and certificates?
- Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
- Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
- Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.
Can exams be retaken?
Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.
|Start date||Location / delivery|
|14 Dec 2020||Online|