ISO 27001 Lead Auditor

As a graduate of the ISMS ISO 27001 Lead Auditor course, you will master working with the ISO/IEC 2700x standards as well as related legislation, such as the Cyber Security Act. You will learn how to use basic form templates for an audit program and audit plan, and how to compile an audit report.

Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.

Target Audience

ISO / IEC 27001 Lead Auditor provides valuable feedback on the status of the information security management system. The audit report itself will help you adjust the related procedures, perform an internal audit, or manage the ISMS implementation project up to the level of meeting the conditions for certification. The auditor is also able to integrate the information protection system into an integrated system.

Target group:

  • Technical experts involved in security projects
  • Auditors who want to perform external ISMS audits
  • Managers and consultants who want to control the audit process

Aims of the course

  • Create a Follow-up Audit: plan, program, and recertification
  • Understand the principles, including partial comparison and real measures
  • Learn to compile your own audit report; control of the fulfillment of disagreements and comments
  • Work with audit forms according to ISO 17021-1. Present the findings of the external audit and the final report.

Benefits

The ISMS system may be implemented for an organizational unit of the company, an information system or a part of it, or it may involve the entire organization. Why do organizations invest in ISMS? Below are the most common benefits perceived by managers whose organizations regularly rely on an ISMS audit:

  • Effective management of security investments
  • Inventory of own assets, their valuation and classification
  • Introduction of a systemic and systematic approach to the use of IT / IS
  • Controlled elimination or reduction of risks in the field of information systems
  • Increasing the awareness and responsibility of employees when working with information
  • Cultivation of image and corporate culture; ISMS can be implemented in any company / organization, without restrictions.

Agenda

Day 1

09:00 – 10:30

Audit program preparation

  • Practical exercise

10:30 – 10:45

Coffee Break

10:45 – 12:15

Audit program preparation

  • Practical exercise

12:15 – 13:15

Lunch

13:15 – 14:45

Audit simulation

  • Practical exercise

14:45 – 15:00

Coffee Break

15:50 – 16:45

Conclusion

  • Evaluation of exercises

Certification

  • Exam tips
  • Certification exam ISO 27001 Lead Auditor

Day 2

09:00 – 10:30

Introduction to Audit

  • ISMS principles

  • Benefits and risks

  • Working with ISO 27001

  • Principles of accredited certification

  • Risk analysis of ISMS according to ISO 27001

10:30 – 10:45

Coffee break

10:45 – 12:15

  • ISMS Aims
  • ISMS Documents
  • Declaration of applicability

12:15 – 13:15

Lunch

13:15 – 14:45

  • ISMS - Internal Audits
  • Remedial action
  • Risk treatment, security incidents

14:45 – 15:00

Coffee break

15:00 – 16:45

Annex A

Working with ISO 27002 and others

Day 3

09:00 – 10:30

Audit process

  • EN ISO 19011
  • Audit plan proposal
  • Working with the standard and checklists
  • Audit principles

10:30 – 10:45

Coffee break

10:45 – 12:15

  • Audit program creation
  • Audit plan
  • Roles
  • Activities during an on-site audit

12:15 – 13:15

Lunch

13:15 – 14:45

  • ISO 17021-1 Auditor Requirements
  • Certification cycle

14:45 – 15:00

Coffee Break

15:00 – 16:45

Exercise

  • Audit documentation preparation

Graduates will be prepared for the role of security auditor. They will be ready to plan, implement and evaluate internal certification audits.

The course is conducted entirely on a practical level. The emphasis is mainly on practical examples, the use of modern full-time techniques and maximum involvement of participants.

  • Block duration: 90 minutes
  • Hours: 24 hours
  • Refreshments: Yes
  • Exam: Yes
  • Prerequisites: Yes, ISO 27001 Foundation

    ISO 27001 Lead Auditor builds on and further develops the knowledge gained in the previous level.

Marek Mitáček

Accredited trainer, Workshop Leader, Coach, co-author of methodologies and TAYLLORCOX Toolkits (sets of templates and sample forms) for IT Service Management ITSM, Project Management PRINCE2 and cyber security according to ISMS ISO / IEC 27001 and ZoKB.

One of the very first IT auditors in the Czech Republic. His rich practice began in 1996 at the company GiTy. He then spent almost 10 years as an ITIL implementer at Český Telekom, and since 2007 he has been a key auditor and accredited trainer at the TAYLLORCOX certification body.

  • TAYLLORCOX
  • Český Telekom
  • GiTy - Interní Auditor / Consultant

Vít Lidinský

  • Since 2012, he has been working as a forensic expert in the field of economics, prices and estimates, with a special specialization in information systems and personal data protection.
  • For more than 5 years he was head of department and Chief Executive Officer at the Ministry of Informatics, the Ministry of Foreign Affairs of the Czech Republic and the State Treasury Shared Services Center (ICT Departments).
  • He graduated from the Faculty of Business and Economics at CULS, majoring in information management. There he gradually obtained a master's degree (Ing.) and a doctoral degree (Ph.D.).

Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) according to ISO/IEC 17067

Certification

ISO 27001 Lead Auditor | ISMS Accredited

Certificate

Graduates will receive the ISO 27001 Lead Auditor certificate from the international accredited organization RCB (Registered Certification Bodies) TAYLLORCOX with a focus on the certification of ISMS (Information Security Management System) according to the ISO 2700x standard.

Certificate accreditation and global recognition are governed by the rules of the international standard ISO/IEC 17024:2012, Conformity assessment - General requirements for bodies operating certification of persons.

The certificate is issued in 2 versions (CZ and EN)
  • ISMS ISO/IEC 27001 Lead Auditor
  • Lead Auditor ISMS
  • The exam fee and the issuance of the certificate are already part of the course

Exam

Exam topics: Principles of ISMS. Basic audit concept. Audit preparation. Management of the ISMS audit program. Implementation and conclusion of the ISO/IEC 27001 audit.

Exam format:
  • Duration: 1 hour
  • Closed book policy
  • Language version of the exam: Czech / English
  • A total of 75 multiple-choice questions
  • Pass mark: 60%, i.e. 45 correct answers
  • Qualification requirements: Yes - ISO 27001 Foundation

Graduate ratings

Excellent review from 662 reviewers

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

  • Tomáš L.
  • 27.01.23
  • TIS Brno

The course excellently complemented and expanded my knowledge of the subject. It was exactly on target for the activities I am supposed to deal with.

  • Martin B.
  • 27.01.23
  • TYP Agency s.r.o.

Everything was perfect, thank you very much.

  • GDPR Anonymized
  • 27.01.23

The course was well designed in terms of both content and timing. The trainer was an expert on the subject with practical experience.

  • Tomáš M.
  • 07.10.22
  • ACS Office s.r.o.

The content fully met my expectations. The trainer's high quality and experience were evident throughout the course. A truly excellent training.

  • Pavel P.
  • 07.10.22
  • J&T Banka a.s.

The course is greatly enriched by examples from practice; it certainly also provided useful sources of information and the linking of standards and management systems.

  • GDPR Anonymized
  • 07.10.22

The trainer has deep knowledge, which he demonstrated with examples from practice and insights on best practice. A truly excellent course.

  • Marek S.
  • 07.10.22
  • BDO Consultin s.r.o.

Everything was excellent, I have nothing to criticize.

  • Dniel U.
  • 01.07.22

Theory well explained on the basis of examples from practice.

  • Jan K.
  • 22.10.21

The course helped me get oriented in the subject from an auditor's point of view.

  • Peter Škurka
  • 20.08.21
  • Risk Analysis Consultants, s.r.o.

Excellent trainer, great approach.

Not sure if this is the right course for you? Get in touch!

For assistance, please give us a call.

We are available at +420 222 553 101, Monday to Friday, 9am - 5pm.
