ISO/IEC 27001:2013 Lead Auditor Training (ISMS)

In this five day course certified to IRCA* guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013.
To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems.
You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013.
Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skills and ability to lead a team to conduct audits of an ISMS to the standard.
Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run including conducting second and third-party audits.
*IRCA Certified Course (A17287)
This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.
Who should attend?
This is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.
Suggested job roles and their teams include:
- Information security managers
- IT and corporate security managers
- Corporate governance managers
- Risk and compliance managers
- Information security consultants
Prerequisites:
You should already have knowledge how management systems work and in particular, the requirements of ISO/IEC 27001:2013 (for delegates who do not have these, we recommend attending our one day requirements course)
What will I learn?
- What is the purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third party certification
- What is the role and skills required by an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013, ISO/IEC 27002:2013, Information technology — Security techniques — Code of practice for information security controls, ISO 19011:2011, Guidelines for auditing management systems and where applicable, ISO 17021:2011, Conformity assessment – Requirements for bodies providing audit and certification of management systems
How will my organization benefit?
- Your company will have an internal resource and process to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
- You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization that satisfies IRCA guidelines
- Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs