
Information Security

Master the Audit of Information Security Management Systems (ISMS) based on ISO/IEC 27001

Who should attend?

  • Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits

  • Managers or consultants seeking to master an Information Security Management System audit process

  • Individuals responsible for maintaining conformance with Information Security Management System requirements

  • Technical experts seeking to prepare for an Information Security Management System audit

  • Expert advisors in Information Security Management

Course agenda

Day 1 | Introduction to the information security management system (ISMS) and ISO/IEC 27001

  • Training course objectives and structure

  • Standards and regulatory frameworks

  • Certification process

  • Fundamental concepts and principles of information security

  • Information security management system (ISMS)

Day 2 | Audit principles, preparation, and initiation of an audit

  • Fundamental audit concepts and principles

  • The impact of trends and technology in auditing

  • Evidence-based auditing

  • Risk-based auditing

  • Initiation of the audit process

  • Stage 1 audit

Day 3 | On-site audit activities

  • Preparing for stage 2 audit (on-site audit)

  • Stage 2 audit

  • Communication during the audit

  • Audit procedures

  • Creating audit test plans

Day 4 | Closing of the audit

  • Drafting audit findings and nonconformity reports

  • Audit documentation and quality review

  • Closing of the audit

  • Evaluation of action plans by the auditor

  • Beyond the initial audit

  • Managing an internal audit program

  • Closing of the training course

Day 5 | Certification Exam

Learning objectives

  • Understand the operations of an Information Security Management System based on ISO/IEC 27001

  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks

  • Understand an auditor’s role: to plan, lead and follow up on a management system audit in accordance with ISO 19011

  • Learn how to lead an audit and audit team

  • Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit

  • Acquire the competencies of an auditor to plan an audit, lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011

Examination

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

Domain 1 | Fundamental principles and concepts of an Information Security Management System (ISMS)

Domain 2 | Information Security Management System (ISMS)

Domain 3 | Fundamental audit concepts and principles

Domain 4 | Preparation of an ISO/IEC 27001 audit

Domain 5 | Conducting an ISO/IEC 27001 audit

Domain 6 | Closing an ISO/IEC 27001 audit

Domain 7 | Managing an ISO/IEC 27001 audit program

General information

  • Certification fees are included in the exam price.

  • Participants will be provided with the training material containing over 450 pages of explanatory information and practical examples.

  • An Attendance Record worth 31 CPD (Continuing Professional Development) credits will be issued to participants who have attended the training course.

  • In case candidates fail the exam, they can retake the exam within 12 months following the initial exam for free.

For additional information, please contact us at info@ciso-dpo.online.

Download brochures [here].