ISO 27001 Lead Auditor Training Course CQI and IRCA Certified


About the course




This five-day ISO 27001 Lead Auditor course provides an understanding and knowledge of auditing information security management systems to third-party standards.

The objective of an audit is not fault finding, but to identify opportunities for improvement. You will build on your skills in planning, structuring and conducting an effective audit, and in evaluating and communicating the findings. The course is designed to follow the stages of a live audit, including simulated audit interviews and role-play closing meetings. This ISO 27001 Lead Auditor training course is highly participative. It is a practically based series of sessions using tutorials, case studies, interactive workshops and open-forum discussions, and this practical emphasis provides a unique opportunity for a substantial degree of individual guidance and training.

This is a CQI and IRCA Certified Course (ref: A17293) and meets the training requirements for individuals seeking registration as a Lead Auditor under the CQI and IRCA Auditor Registration Scheme. The requirements include an examination, and a certificate is issued on completion of the course.

Key Topics 


  • Background and overview of the ISO/IEC 27001 and other Information Security Standards
  • An introduction to auditing and implementing an audit system and the auditor’s role in the process
  • Management’s role in reviewing risk and the effectiveness of the overall ISMS
  • Planning and managing a process-based audit:
      • resources and timing
      • use of checklists
      • selection of audit teams
  • Conducting the audit – skills, techniques and auditor competence:
      • evaluating the significance of audit findings
      • communicating and presenting audit reports
  • Nonconformities and improved security as a result of corrective actions
  • Management of the third party assessment and certification process


Who should attend 

  • Individuals who want to become ISMS Registered Lead Auditors
  • Individuals leading their companies to ISO/IEC 27001:2013 registration

Familiarity with ISO/IEC 27001:2013 is necessary for a full understanding of the principles developed in this course.


On completion of this ISO 27001 Lead Auditor training course, delegates will have gained:

  • competence in assessing the organisation’s ability to manage risk and provide essential ISMS controls.
  • an understanding of the role of audits within the ISMS and the role of auditors in effecting continual improvement.
  • the skill set to enable a full understanding of how third parties view the ISMS and its compliance for certification, and of how first-party auditors can help create the environment to drive excellence.


Start date  | Location / delivery
30 Sep 2019 | London - Kensington Holiday Inn
25 Nov 2019 | Leeds
