Training at Your Location
An experienced DEKRA instructor comes to you. We can even customize training to your needs.
Request a Quote
ISO 27001 Certified Lead Auditor Training
4 Days - 3.3 CTUs - $2095 - Competency Units IS, AU, TL
Who Should Attend
Those responsible for planning and scheduling an internal audit program for ISO 27001:2022 and those who must perform audits to ISO 27001:2022, management representatives, security consultants, IT professionals, information security officers, managers, or anyone interested in conducting first-party, second-party, or third-party audits.
All attendees are required to bring their own copy of the ISO/IEC 27001:2022: Information technology – Information security management systems – Requirements to this training and ISO/IEC 27002:2022: Information technology – Security techniques – Code of practice for information security controls. Copies will not be provided for you.
Description
Understand the requirements of ISO 27001:2022 to be able to conduct a successful audit. The course includes hands-on workshops to prepare you for real-life auditing situations. You’ll learn to manage the audit process and complete reporting.
This is a four-day, instructor-led classroom course. There are written tests on each of the competency units on days 2, 3, and 4. Days 1 and 2 will cover ISO 27001:2022 along with a corresponding competency exam. Day 3 will cover management systems auditing (AU) along with a corresponding competency exam. Day 4 will cover leading management systems audit teams (TL) along with a corresponding competency exam.
Certified Internal Auditor
Our three-day Certified Internal Auditor class covers the basics of the standard and how to conduct an audit. This does not include Lead Auditor competency unit
Learn more
ISO 27001 Foundations
This two-day certified training covers the ISO 27001 standard and its application. This does not include the Lead Auditor competency unit
Learn more
Course Objectives
- Interpret and apply the ISO 27001:2022 requirements
- Recognize the relationship between ISO 27000, ISO 27001, and ISO 27002
- Define information security management (ISMS) terminology
- Demonstrate how ISMS planning, policy, objectives, and processes are implemented
- Explain the difference between legal compliance and conformity
- Define the relationship between an organization’s operational informational security requirements and the ISO 27001:2022 standard
- Assess effectiveness of an organization’s information security risk assessment methodologies
- Evaluate risk assessment and risk treatment results to ensure they are appropriately identified within the organization’s statement of applicability
- Apply auditing principles, procedures, and methods identified in ISO 19011:2018
- Establish audit objectives for the audit program
- Determine the feasibility of an audit
- Prepare work documents for an audit
- Apply all aspects of the on-site audit activities
- Define audit roles and responsibilities
- Document audit results, findings, and conclusions
- Identify and apply sampling techniques
- Develop an audit plan
- Demonstrate effective communication and interview skills
- Identify roles and responsibilities of audit team leaders
- Incorporate audit objectives, scope, and criteria into audit planning
- Select audit team members and assign tasks
- Identify, evaluate, and address risks in an audit plan
- Develop and manage the opening and closing meetings
- Resolve conflict during an audit
- Prepare an audit report to address all findings during an audit
- Perform audit follow-up activities
- Apply remote auditing methods