About The Course
The PECB ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to support an organization in establishing, implementing, managing and maintaining an Information Security Management System (ISMS) based on ISO/IEC 27001.
During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.
After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to` audit organizations based on best practices.
This 5 day training course is based on both theory and best practices used in ISMS audits
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role playing and discussions
- Practice tests are similar to the Certification Exam
The course is delivered in a classroom environment, as follows;
- Day 1: Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001
- Day 2: Audit principles, preparation and launching of an audit
- Day 3: On-site audit activities
- Day 4: Closing the audit
- Day 5: Certification Exam
- Understand the operations of an Information Security Management System based on ISO/IEC 27001
- Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
- Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011
- Learn how to lead an audit and audit team
- Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
- Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011
The exam covers the following competency domains:
- Domain 1: Fundamental principles and concepts of an Information Security Management System (ISMS)
- Domain 2: Information Security Management System controls and best practices based on ISO/IEC 27002
- Domain 3: Planning an ISMS implementation based on ISO/IEC 27001
- Domain 4: Implementing an ISMS based on ISO/IEC 27001
- Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC 27001
- Domain 6: Continual improvement of an ISMS based on ISO/IEC 27001
- Domain 7: Preparing for an ISMS certification audit