ISO 27001 Lead Auditor
As a graduate of the ISMS ISO 27001 Lead Auditor course you will master the work with the standards of ISO / IEC 2700x, but also related legislation - such as the Cyber Security Act. You will learn how to use basic form templates for an audit program / plan, as well as how to compile an audit report.
Virtual Training or e-Learning?
We offer flexibility. You can choose from our selection of in-class courses as well as online courses.
Try a live virtual courseTarget Audience
ISO / IEC 27001 Lead Auditor provides valuable feedback on the status of the information security management system. The audit report itself will help you adjust the related procedures, perform an internal audit, or manage the ISMS implementation project up to the level of meeting the conditions for certification. The auditor is also able to integrate the information protection system into an integrated system.
Target group:
- Technical experts involved in security projects
- Auditors who want to perform external ISMS audits
- Managers and consultants who want to control the audit process
Aims of the course
- Create a Follow-up Audit: plan, program, and recertification
- Understand the principles, including partial comparison and real measures
- Learn to compile your own audit report; control of the fulfillment of disagreements and comments
- Work with audit forms according to ISO 17021-1. Present the findings of the external audit and the final report.
Benefits
The ISMS system may be implemented for an organizational unit of the company, an information system or a part of it, or it may involve the entire organization. Why do organizations invest in ISMS? Below are the most common benefits perceived by managers whose organizations regularly rely on an ISMS audit:
- Effective management of security investments
- Inventory of own assets, their valuation and classification
- Introduction of a systemic and systematic approach to the use of IT / IS
- Controlled elimination or reduction of risks in the field of information systems
- Increasing the awareness and responsibility of employees when working with information
- Cultivation of image and corporate culture; ISMS can be implemented in any company / organization, without restrictions.
Agenda
Day 1Hide agendaOpen agenda
09:00 – 10:30
Audit program preparation
- Practical exercise
10:30 – 10:45
Coffee Break
10:45 – 12:15
Audit program preparation
- Practical exercise
12:15 – 13:15
Lunch
13:15 – 14:45
Audit simulation
- Practical exercise
14:45 – 15:00
Coffee Break
15:50 – 16:45
Conclusion
- Evaluation of exercises
Certification
- Exam tips
- Certification exam ISO 27001 Lead Auditor
Day 2Hide agendaOpen agenda
09:00 – 10:30
Introduction to Audit
ISMS principles
Benefits and risks
Working with ISO 27001
Principles of accredited certification
Risk analysis of ISMS according to ISO 27001
10:30 – 10:45
Coffee break
10:45 – 12:15
- ISMS Aims
- ISMS Documents
- Declaration of applicability
10:45 – 12:15
- ISMS Aims
- ISMS Documents
- Declaration of applicability
12:15 – 13:15
Lunch
13:15 – 14:45
- ISMS - Internal Audits
- Remedial action
- Risk treatment, security incidents
14:45 – 15:00
Coffee break
15:00 – 16:45
Annex A
Working with ISO 27002 and others
Day 3Hide agendaOpen agenda
09:00 – 10:30
Audit process
- EN ISO 19011
- Audit plan proposal
- Working with the standard and checklists
- Audit principles
10:30 – 10:45
Coffee break
10:45 – 12:15
- Audit program creation
- Audit plan
- Roles
- Activities during an on-site audit
12:15 – 13:15
Lunch
13:15 – 14:45
- ISO 17021-1 Auditor Requirements
- Certification cycle
14:45 – 15:00
Coffee Break
15:00 – 16:45
Exercise
- Audit documentation preparation
Graduates will be prepared for the role of security auditor. They will be ready to plan, implement and evaluate internal certification audits.
The course is conducted entirely on a practical level, the emphasis is mainly on practical examples, the use of modern full-time techniques and maximum involvement of participants.
- Block duration 90 minutes
- Hours 24 hours
- Refreshments Yes
- Exam Yes
Zuzana Bitterová
Certified Information Security & Data Governance Professional; CISM, MBA, MBCS, ISO27001 Auditor, ISO 27005, ISO 22301.
Martin Tobolka
Jan Cuřín
Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.
- Cyber Security standard author
- Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
- Approved Trainer & Lead Auditor GDPR (EU 2016/679) dle ISO/IEC 17067
Certification
ISO 27001 Lead Auditor | ISMS Accredited
Certificate
Graduates will receive the ISO 27001 Lead Auditor certificate from the international accredited organization RCB (Registered Certification Bodies) TAYLLORCOX with a focus on the certification of ISMS (Information Security Management System) according to the ISO 2700x standard.
Certificate accreditation and global recognition are governed by the rules of the international standard ISO / IEC 17024: 2012, Conformity assessment - General requirements for bodies operating certification of person.
The certificate is issued in 2 versions (CZ and EN)
- ISMS ISO/IEC 27001 Lead Auditor
- Lead Auditor ISMS
- The exam fee and the issuance of the certificate is already part of the course
Exam
Exam topics: Principles of ISMS. Basic audit concept. Audit preparation. Management of the ISMS audit program. Implementation and conclusion of the ISO / IEC_27001 audit.
Exam format:
- Duration: 1 hour
- Closed book policy
- Language version of the exam: Czech / English
- A total of 75 multiple-choice questions
- Pass mark: 60%, i.e. 45 correct answers
- Qualification requirements: Yes - ISO 27001 Foundation
Graduate ratings
Excellent review ☆☆☆☆☆ from 790 reviewers
What makes our references exceptional? They are not one-off events. Clients come back to us regularly.
- Pavel B.
- 13.12.24
- ☆☆☆☆☆
- Flowmon Networks
Pohled na audit z druhé strany, ze strany auditora, je k nezaplacení.
- Milan K.
- 13.12.24
- ☆☆☆☆☆
- Glassimex s.r.o.
Získání poznatků nejen teoretických, ale i praktických.
- Jana P.
- 13.12.24
- ☆☆☆☆☆
- Robert Bosch s.r.o.
Školitel výborný, s rozhledem a praxí.
- Ivana K.
- 13.09.24
- ☆☆☆☆☆
- Aricoma Enterprise Cybersecurity, a.s.
Byla jsem velice spokojená. Pan Ing. Cuřín je velký profesionál. Kurz byl cíleně zaměřen na využití v praxi. Účelné, věcné.
- Tereza K.
- 13.09.24
- ☆☆☆☆☆
Velký přínos v podobě osobních zkušeností lektora. Informace, které bych běžně nezískala.
- Lukáš O.
- 21.06.24
- ☆☆☆☆☆
Super kurz, nemám žádné připomínky.
- GDPR Anonymizováno
- 21.06.24
- ☆☆☆☆☆
Oceňuji přidanou hodnotu v podobě osobních zkušeností z auditů. Celkově výborný kurz.
- GDPR Anonymizováno
- 21.06.24
- ☆☆☆☆☆
Kurz splnil očekávání. Lektor je velice zkušený v dané problematice a skvěle ji dokáže prezentovat.
- GDPR Anonymizováno
- 21.06.24
- ☆☆☆☆☆
Nadstandartně kvalitní jak svou extensí, tak intenzí. Výborný lektor.
- Juraj S.
- 21.06.24
- ☆☆☆☆☆
Výborné školení, naplnilo moje očekávání.
View the next 10 reviews of our graduates
View the full list of reference clients.
Not sure if this is the right courese for you? Get in touch!
For assistance please give us a call.
We are available at +420 222 553 101 Always Monday to Friday: 9am - 5pm.
Cannot call? Send us a message.
Would you like a gift for your birtday?
