ISO 27001 Certified Lead Auditor Training
4 Days - 3.3 CTUs - $1995 - Competency Units IS, AU, TL
Who Should Attend
Those responsible for planning and scheduling an internal audit program for ISO 27001:2022 and those who must perform audits to ISO 27001:2022, management representatives, security consultants, IT professionals, information security officers, managers, or anyone interested in conducting first-party, second-party, or third-party audits.
All attendees are required to bring their own copies of ISO/IEC 27001:2022: Information technology – Information security management systems – Requirements and ISO/IEC 27002:2022: Information technology – Security techniques – Code of practice for information security controls to this training. Copies will not be provided for you.
Understand the requirements of ISO 27001:2022 to be able to conduct a successful audit. The course includes hands-on workshops to prepare you for real-life auditing situations. You’ll learn to manage the audit process and complete reporting.
This is a four-day, instructor-led classroom course. There are written tests on each of the competency units on days 2, 3, and 4. Days 1 and 2 will cover ISO 27001:2013 along with a corresponding competency exam. Day 3 will cover management systems auditing (AU) along with a corresponding competency exam. Day 4 will cover leading management systems audit teams (TL) along with a corresponding competency exam.
An experienced DEKRA instructor comes to you. We can even customize training to your needs.
Our three-day Certified Internal Auditor class covers the basics of the standard and how to conduct an audit. This does not include the Lead Auditor competency unit.
This two-day certified training covers the ISO 27001 standard and its application. This does not include the Lead Auditor competency unit.
- Interpret and apply the ISO 27001:2022 requirements
- Recognize the relationship between ISO 27000, ISO 27001, and ISO 27002
- Define information security management system (ISMS) terminology
- Demonstrate how ISMS planning, policy, objectives, and processes are implemented
- Explain the difference between legal compliance and conformity
- Define the relationship between an organization’s operational information security requirements and the ISO 27001:2022 standard
- Assess effectiveness of an organization’s information security risk assessment methodologies
- Evaluate risk assessment and risk treatment results to ensure they are appropriately identified within the organization’s statement of applicability
- Apply auditing principles, procedures, and methods identified in ISO 19011:2018
- Establish audit objectives for the audit program
- Determine the feasibility of an audit
- Prepare work documents for an audit
- Apply all aspects of the on-site audit activities
- Define audit roles and responsibilities
- Document audit results, findings, and conclusions
- Identify and apply sampling techniques
- Develop an audit plan
- Demonstrate effective communication and interview skills
- Identify roles and responsibilities of audit team leaders
- Incorporate audit objectives, scope, and criteria into audit planning
- Select audit team members and assign tasks
- Identify, evaluate, and address risks in an audit plan
- Develop and manage the opening and closing meetings
- Resolve conflict during an audit
- Prepare an audit report to address all findings during an audit
- Perform audit follow-up activities
- Apply remote auditing methods