ISO 27001 Lead Auditor
ISO 27001 Lead Auditor
As a graduate of the ISMS ISO 27001 Lead Auditor course, you will master working with ISO/IEC 2700x standards as well as related legislation, such as the Cybersecurity Act. You will learn to use standard templates for audit programs and plans, and how to prepare an audit report, all through practical examples.
Who is it for
ISO/IEC 27001 Lead Auditor provides valuable feedback on the state of an information security management system (ISMS). The audit report will help you adjust related procedures, conduct internal audits, or manage the implementation of ISMS up to the level required for certification. The auditor will also be able to integrate the information security system into an existing integrated management system.
Target Audience
Auditors who want to conduct external ISMS audits
Technical experts involved in security projects
Managers and consultants who want to control the audit process
Course Objectives
Create a follow-up audit: plan, program, and re-certification
Master principles including partial comparisons and corrective actions
Learn to prepare your own audit report and check compliance with non-conformities and observations
Work with audit forms according to ISO 17021‑1 and present findings of external audits and final reports
Benefits for the Organization
An ISMS can be implemented for a business unit, an information system, or the entire organization. Why do organizations invest in ISMS? Common benefits perceived by managers who regularly rely on ISMS audits include:
Effective management of security-related investments
Inventory, valuation, and classification of assets
Controlled elimination or reduction of risks in information systems
Implementation of a systematic and structured approach to IT/IS usage
Increased employee awareness and responsibility in handling information
Compliance with legal requirements, increased trust with partners
Improved company image and culture; ISMS can be implemented in any organization without limitations
Schedule
The first day of the ISO 27001 Lead Auditor course focuses on an introduction to audits, principles and benefits of the ISMS, working with ISO 27001, risk analysis, and documentation, including internal audits and corrective actions. The second day covers the audit process according to EN ISO 19011, creating an audit program and plan, auditor roles, and requirements of ISO 17021‑1, including practical exercises and audit documentation preparation. The third day is dedicated to practical preparation of the audit program and plan, simulation of an audit in a company environment, final evaluation of exercises, and preparation for the ISO 27001 Lead Auditor certification exam.
Virtual Training or e-Learning?
We offer flexibility. You can choose from our selection of in-class courses as well as online courses.
Try a live virtual courseTarget Audience
ISO / IEC 27001 Lead Auditor provides valuable feedback on the status of the information security management system. The audit report itself will help you adjust the related procedures, perform an internal audit, or manage the ISMS implementation project up to the level of meeting the conditions for certification. The auditor is also able to integrate the information protection system into an integrated system.
Target group:
- Technical experts involved in security projects
- Auditors who want to perform external ISMS audits
- Managers and consultants who want to control the audit process
Course objectives
- Create a Follow-up Audit: plan, program, and recertification
- Understand the principles, including partial comparison and real measures
- Learn to compile your own audit report; control of the fulfillment of disagreements and comments
- Work with audit forms according to ISO 17021-1. Present the findings of the external audit and the final report.
Benefits
The ISMS system may be implemented for an organizational unit of the company, an information system or a part of it, or it may involve the entire organization. Why do organizations invest in ISMS? Below are the most common benefits perceived by managers whose organizations regularly rely on an ISMS audit:
- Effective management of security investments
- Inventory of own assets, their valuation and classification
- Introduction of a systemic and systematic approach to the use of IT / IS
- Controlled elimination or reduction of risks in the field of information systems
- Increasing the awareness and responsibility of employees when working with information
- Cultivation of image and corporate culture; ISMS can be implemented in any company / organization, without restrictions.
Agenda
Day 1Hide agendaOpen agenda
09:00 – 10:30
Audit program preparation
- Practical exercise
10:30 – 10:45
Coffee Break
10:45 – 12:15
Audit program preparation
- Practical exercise
12:15 – 13:15
Lunch
13:15 – 14:45
Audit simulation
- Practical exercise
14:45 – 15:00
Coffee Break
15:50 – 16:45
Conclusion
- Evaluation of exercises
Certification
- Exam tips
- Certification exam ISO 27001 Lead Auditor
Day 2Hide agendaOpen agenda
09:00 – 10:30
Introduction to Audit
ISMS principles
Benefits and risks
Working with ISO 27001
Principles of accredited certification
Risk analysis of ISMS according to ISO 27001
10:30 – 10:45
Coffee break
10:45 – 12:15
- ISMS Aims
- ISMS Documents
- Declaration of applicability
10:45 – 12:15
- ISMS Aims
- ISMS Documents
- Declaration of applicability
12:15 – 13:15
Lunch
13:15 – 14:45
- ISMS - Internal Audits
- Remedial action
- Risk treatment, security incidents
14:45 – 15:00
Coffee break
15:00 – 16:45
Annex A
Working with ISO 27002 and others
Day 3Hide agendaOpen agenda
09:00 – 10:30
Audit process
- EN ISO 19011
- Audit plan proposal
- Working with the standard and checklists
- Audit principles
10:30 – 10:45
Coffee break
10:45 – 12:15
- Audit program creation
- Audit plan
- Roles
- Activities during an on-site audit
12:15 – 13:15
Lunch
13:15 – 14:45
- ISO 17021-1 Auditor Requirements
- Certification cycle
14:45 – 15:00
Coffee Break
15:00 – 16:45
Exercise
- Audit documentation preparation
Graduates will be prepared for the role of security auditor. They will be ready to plan, implement and evaluate internal certification audits.
The course is conducted entirely on a practical level, the emphasis is mainly on practical examples, the use of modern full-time techniques and maximum involvement of participants.
- Block duration 90 minutes
- Hours 24 hours
- Refreshments Yes
- Exam Yes
Prerequisites
Yes: ISO 27001 Foundation
ISO 27001 Lead Auditor builds on and further develops the knowledge gained in the previous level.
Jan Cuřín
Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.
- Cyber Security standard author
- Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
- Approved Trainer & Lead Auditor GDPR (EU 2016/679) dle ISO/IEC 17067
Martin Tobolka
Zuzana Bitterová
Certified Information Security & Data Governance Professional; CISM, MBA, MBCS, ISO27001 Auditor, ISO 27005, ISO 22301.
Certification
ISO 27001 Lead Auditor | ISO 17024 Accredited
Certificate
Graduates will receive the ISO 27001 Lead Auditor certificate from the international accredited organization RCB (Registered Certification Bodies) TAYLLORCOX with a focus on the certification of ISMS (Information Security Management System) according to the ISO 2700x standard.
Certificate accreditation and global recognition are governed by the rules of the international standard ISO / IEC 17024: 2012, Conformity assessment - General requirements for bodies operating certification of person.
- ISMS ISO/IEC 27001 Lead Auditor
- Lead Auditor ISMS
- The exam fee and the issuance of the certificate is already part of the course
Exam
Exam topics: Principles of ISMS. Basic audit concept. Audit preparation. Management of the ISMS audit program. Implementation and conclusion of the ISO / IEC_27001 audit.
Exam format:
- Duration: 1 hour
- Closed book policy
- Language version of the exam: Czech / English
- A total of 75 multiple-choice questions
- Pass mark: 60%, i.e. 45 correct answers
- Qualification requirements: Yes - ISO 27001 Foundation
Graduate ratings
Excellent review ☆☆☆☆☆ from 809 reviewers
What makes our references exceptional? They are not one-off events. Clients come back to us regularly.
- Jan V.
- 06.02.26
- ☆☆☆☆☆
Skvělé s vysokou úrovní zkušeností :)
- Jan V.
- 06.02.26
- ☆☆☆☆☆
Skvělé s vysokou úrovní zkušeností. :)
- Zuzana G.
- 16.01.26
- ☆☆☆☆☆
Pán Cuřín je naozaj veľký odborník, znalec problematiky a dokázal povedať veľmi veľa príkladov z praxe. bol aj vtipný, čo odľahčovalo atmosféru. Kurz bol naozaj veľmi prínosný a obohacujúci.
- Pavel B.
- 13.12.24
- ☆☆☆☆☆
- Flowmon Networks
Pohled na audit z druhé strany, ze strany auditora, je k nezaplacení.
- Milan K.
- 13.12.24
- ☆☆☆☆☆
- Glassimex s.r.o.
Získání poznatků nejen teoretických, ale i praktických.
- Jana P.
- 13.12.24
- ☆☆☆☆☆
- Robert Bosch s.r.o.
Školitel výborný, s rozhledem a praxí.
- Ivana K.
- 13.09.24
- ☆☆☆☆☆
- Aricoma Enterprise Cybersecurity, a.s.
Byla jsem velice spokojená. Pan Ing. Cuřín je velký profesionál. Kurz byl cíleně zaměřen na využití v praxi. Účelné, věcné.
- Tereza K.
- 13.09.24
- ☆☆☆☆☆
Velký přínos v podobě osobních zkušeností lektora. Informace, které bych běžně nezískala.
- Lukáš O.
- 21.06.24
- ☆☆☆☆☆
Super kurz, nemám žádné připomínky.
- GDPR Anonymizováno
- 21.06.24
- ☆☆☆☆☆
Oceňuji přidanou hodnotu v podobě osobních zkušeností z auditů. Celkově výborný kurz.
View the next 10 reviews of our graduates
View the full list of reference clients.
Not sure if this is the right courese for you? Get in touch!
For assistance please give us a call.
We are available at +420 222 553 101 Always Monday to Friday: 9am - 5pm.
Cannot call? Send us a message.
Would you like a gift for your birtday?
