ISO 27001 Lead Auditor

As a graduate of the ISMS ISO 27001 Lead Auditor course you will master the work with the standards of ISO / IEC 2700x, but also related legislation - such as the Cyber Security Act. You will learn how to use basic form templates for an audit program / plan, as well as how to compile an audit report. 

Would you like to compare to other courses?

Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.

Try a live virtual course

Target Audience

ISO / IEC 27001 Lead Auditor provides valuable feedback on the status of the information security management system. The audit report itself will help you adjust the related procedures, perform an internal audit, or manage the ISMS implementation project up to the level of meeting the conditions for certification. The auditor is also able to integrate the information protection system into an integrated system.

Target group:

  • Technical experts involved in security projects
  • Auditors who want to perform external ISMS audits
  • Managers and consultants who want to control the audit process
Target Audience

Aims of the course

  • Create a Follow-up Audit: plan, program, and recertification
  • Understand the principles, including partial comparison and real measures
  • Learn to compile your own audit report; control of the fulfillment of disagreements and comments
  • Work with audit forms according to ISO 17021-1. Present the findings of the external audit and the final report.

Benefits

The ISMS system may be implemented for an organizational unit of the company, an information system or a part of it, or it may involve the entire organization. Why do organizations invest in ISMS? Below are the most common benefits perceived by managers whose organizations regularly rely on an ISMS audit:

  • Effective management of security investments
  • Inventory of own assets, their valuation and classification
  • Introduction of a systemic and systematic approach to the use of IT / IS
  • Controlled elimination or reduction of risks in the field of information systems
  • Increasing the awareness and responsibility of employees when working with information
  • Cultivation of image and corporate culture; ISMS can be implemented in any company / organization, without restrictions.
Benefits

Agenda

Day 1
Hide agenda
Open agenda

09:00 – 10:30

Audit program preparation

  • Practical exercise

10:30 – 10:45

Coffee Break

10:45 – 12:15

Audit program preparation

  • Practical exercise

12:15 – 13:15

Lunch

13:15 – 14:45

Audit simulation

  • Practical exercise

14:45 – 15:00

Coffee Break

15:50 – 16:45

Conclusion

  • Evaluation of exercises

Certification

  • Exam tips
  • Certification exam ISO 27001 Lead Auditor

Day 2
Hide agenda
Open agenda

09:00 – 10:30

Introduction to Audit

  • ISMS principles

  • Benefits and risks

  • Working with ISO 27001

  • Principles of accredited certification

  • Risk analysis of ISMS according to ISO 27001

10:30 – 10:45

Coffee break

10:45 – 12:15

  • ISMS Aims
  • ISMS Documents
  • Declaration of applicability

10:45 – 12:15

  • ISMS Aims
  • ISMS Documents
  • Declaration of applicability

12:15 – 13:15

Lunch

13:15 – 14:45

  • ISMS - Internal Audits
  • Remedial action
  • Risk treatment, security incidents

14:45 – 15:00

Coffee break

15:00 – 16:45

Annex A

Working with ISO 27002 and others

Day 3
Hide agenda
Open agenda

09:00 – 10:30

Audit process

  • EN ISO 19011
  • Audit plan proposal
  • Working with the standard and checklists
  • Audit principles

10:30 – 10:45

Coffee break

10:45 – 12:15

  • Audit program creation
  • Audit plan
  • Roles
  • Activities during an on-site audit

12:15 – 13:15

Lunch

13:15 – 14:45

  • ISO 17021-1 Auditor Requirements
  • Certification cycle

14:45 – 15:00

Coffee Break

15:00 – 16:45

Exercise

  • Audit documentation preparation

Graduates will be prepared for the role of security auditor. They will be ready to plan, implement and evaluate internal certification audits.

The course is conducted entirely on a practical level, the emphasis is mainly on practical examples, the use of modern full-time techniques and maximum involvement of participants.

  • Block duration 90 minutes
  • Hours 24 hours
  • Refreshments Yes
  • Exam Yes
  • Prerequisites

    Yes: ISO 27001 Foundation

    ISO 27001 Lead Auditor builds on and further develops the knowledge gained in the previous level.

Zuzana Bitterová

Certified Information Security & Data Governance Professional; CISM, MBA, MBCS, ISO27001 Auditor, ISO 27005, ISO 22301.

Martin Tobolka

Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) dle ISO/IEC 17067

Certification

ISO 27001 Lead Auditor | ISMS Accredited

Certificate

Graduates will receive the ISO 27001 Lead Auditor certificate from the international accredited organization RCB (Registered Certification Bodies) TAYLLORCOX with a focus on the certification of ISMS (Information Security Management System) according to the ISO 2700x standard.

Certificate accreditation and global recognition are governed by the rules of the international standard ISO / IEC 17024: 2012, Conformity assessment - General requirements for bodies operating certification of person.

The certificate is issued in 2 versions (CZ and EN)
  • ISMS ISO/IEC 27001 Lead Auditor
  • Lead Auditor ISMS
  • The exam fee and the issuance of the certificate is already part of the course
Certificate

Exam

Exam topics: Principles of ISMS. Basic audit concept. Audit preparation. Management of the ISMS audit program. Implementation and conclusion of the ISO / IEC_27001 audit.

Exam format:
  • Duration: 1 hour
  • Closed book policy
  • Language version of the exam: Czech / English
  • A total of 75 multiple-choice questions
  • Pass mark: 60%, i.e. 45 correct answers
  • Qualification requirements: Yes - ISO 27001 Foundation
Exam

Graduate ratings

Excellent review from 786 reviewers

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

  • Pavel B.
  • 13.12.24
  • Flowmon Networks

Pohled na audit z druhé strany, ze strany auditora, je k nezaplacení. 

  • Milan K.
  • 13.12.24
  • Glassimex s.r.o.

Získání poznatků nejen teoretických, ale i praktických. 

  • Jana P.
  • 13.12.24
  • Robert Bosch s.r.o.

Školitel výborný, s rozhledem a praxí.

  • Ivana K.
  • 13.09.24
  • Aricoma Enterprise Cybersecurity, a.s.

Byla jsem velice spokojená. Pan Ing. Cuřín je velký profesionál. Kurz byl cíleně zaměřen na využití v praxi. Účelné, věcné. 

  • Tereza K.
  • 13.09.24

Velký přínos v podobě osobních zkušeností lektora. Informace, které bych běžně nezískala. 

  • Lukáš O.
  • 21.06.24

Super kurz, nemám žádné připomínky.

  • GDPR Anonymizováno
  • 21.06.24

Oceňuji přidanou hodnotu v podobě osobních zkušeností z auditů. Celkově výborný kurz.

  • GDPR Anonymizováno
  • 21.06.24

Kurz splnil očekávání. Lektor je velice zkušený v dané problematice a skvěle ji dokáže prezentovat.

  • GDPR Anonymizováno
  • 21.06.24

Nadstandartně kvalitní jak svou extensí, tak intenzí. Výborný lektor.

  • Juraj S.
  • 21.06.24

Výborné školení, naplnilo moje očekávání. 

View the next 10 reviews of our graduates

View the full list of reference clients.

Your rating
*****

Not sure if this is the right courese for you? Get in touch!

For assistance please give us a call.

We are available at +420 222 553 101 Always Monday to Friday: 9am - 5pm.

*items marked with an asterisk are mandatory

Would you like a gift for your birtday?