The Certified ISO 27001 Lead Auditor is a five-day information packed learning experience designed to develop a level of competence to support the internal and external auditing of an organizational Information Security Management System (ISMS) based on ISO 27001, as well as additionally control mandated by way of the Legal & Regulatory review required by the standard. Drawing upon best practices from ISO 27001 and ISO 19011, students will learn the fundamental requirements to build internal compliance and audit programs and perform a certification audit.
To develop a well rounded understanding of the standard’s expectations, students will be familiarized with the supplementary guidance offered by ISO using ISO 17021, ISO 27024 ,ISO 27002, ISO 27006, ISO 27007, ISO 27008, and more.
Enrollment for our next
Certified ISO 27001 Lead Auditor Course
October 5 – 9, 2020
closes at 5:00 PM on September 25, 2020
Important to Note:Training seats are limited, and we do not maintain a waiting list for courses as the book up fast.
Who Should Take This Course?
- Auditor Managers and Auditors seeking to incorporate Information Security within the scope of their holistic audit program, and demonstrate required competence for the purposes of ISO 27001 certification.
- Compliance Managers and staff seeking to incorporate Information Security within the scope of their holistic compliance program, and demonstrate required competence for the purposes of ISO 27001 certification.
- Information Security professionals and managers involved in any aspect of the development, roll-out, operational maintenance, or conformity requirements of an ISO 27001-based Information Security Management System seeking to understand the audit process and expectations.
- Consultants looking to understand and support clients implementing and information security management system and specifically the strategy and policy & standards components.
- Corporate / industrial / physical security specialists looking to understand the compliance dynamics of an information security program,
- Technical IT specialist wanting to prepare for an Information Security function or for an ISMS project management function
- Data Privacy, attorneys and other specialists charged with the responsibility for organizational information security in a regulated or service-based industry.
Help Me Understand How This Course Relates to Me
Select the role that best suite your situation
Schedule, Registration, and Cost
Registration for our training, can be done on either this website or the website of the Center for Information Management and Assurance.
The cost for registration is $2,495 tuition + $500 certification fee + $200 electronic payment process fees ($3,245 USD).
1. Existing Information Security Leadership Forum Members receive a $500 discount, when registering on the Forum site.
2. Due to the higher cost of facilities in some cities, tuition in those venues may be higher than the price referenced above. The cost by venue is listed on individual registration pages.
Day One – Introduction and Audit Concepts, for Auditing an Information Security Management Systems (ISMS) based on ISO 27001
Day Two – Setting Up an Internal Audit Program for ISO 27001 Compliance
Day Three – Conducting an ISO 27001-based Internal Audit
Day Four – The ISO 27001 Certification Process, Ongoing Management of Non-conformities
Day Five – Practical & Written Certification Exams
- Morning: 3 hour written exam
- Afternoon: Practical Exam – Formal Presentation of Internal Audit of the ISMS to the Organization’s Board of Directors
1. Both written and practical exams are mandatory, in order to meet the certification requirements set out by the Information Security Leadership Forum, this course’s certifying body.
2. Formal business attire is mandatory for you practical exam. Please be sure to pack / dress appropriately. Men are required to wear a jacket and tie, and women the equivalent.
When designing our Certified ISO 27001 Lead Auditor Course, great care is taken to identify key areas the course must focus on in order to ensure student achieve the goals the course was setup to accomplish. These learning objectives are highlighted as follows:
Achieve an in-depth understanding of the ISO 27001 certification process.
Master the concepts, approaches, standards, methods and techniques required for the effective planning, design, development, implementation and maintenance of ISO 27001-based information security audit program.
Gain an expert level understanding of how to engage stakeholders in the ISO 27001 Audit process.
Develop the expertise to to perform and lead an ISO 27001-based audit of an organization.
Master the development of an Internal Audit Program to support the compliance requirements of the ISO 27001 standard.
What You Get!
What each student will receive
- a copy of all slides presented during the class
- a certificate of completion awarding 35 Continuing Professional Development (CDP) units
- A free Professional membership with the Information Security Leadership Forum (a $95 value)
- A Student Information Package (SIP) with study tips and other helpful and insightful information for the course and exam
- An exam and certification application voucher.
Certification Exam Information
What you need to know
- There are two exams for this course, a practical and a written exam. Students are required to achieve a minimum passing grade in both in order to qualify for certification.
- The written exam is completed within 3 hours on Friday morning, and is in multiple choice format. The exam begins punctually at 9:00 AM and ends at 12:00 PM. As such, students are encouraged to arrive no later than 8:30 AM, at which time the exam instructions will be read to the class, and students may ask any final questions. This exam is an open book exam.
- The practical exam is completed Friday afternoon with a live presentation to a panel of guest executives (CISO, CIO, CFO, COO, CEO, etc.).
- All students are required to sign a non-disclosure agreement prior to commencement of the exam, attesting they will not disclose or discuss anything related to either the practical or written exams with any other person(s).
- Students must bring (1) a copy of their student registration, and (2) at least one state / provincial or federal government issued identification card, both of which must be presented upon entering the examination room. Entrance will not be permitted without both.
- Student are prohibited from recording (audio or video) any session(s), or portions of any session, no matter whether the student is attending a classroom-based or online version.
- Students will receive a discount code for a free membership with the Information Security Leadership Forum. This code is only valid for use by the registered student. Students must register and setup an account at least one week prior to the beginning of your course as there may be pre course work that must be completed, as well as messages from your instructor.
- All student material for this course will be provided on or before the first day of training, by the course instructor via the Information Security Leadership Forum’s Online Training Portal. All course material is copyright protected, and student are prohibited from making any electronic or printed copy, or redistributing to any person.
- Students bring with them or otherwise have readily accessible, a copy of their course registration with barcode (printed or electronic format), which will be used to take daily attendance on the course. Anyone failing to have this information will be refused access.
- Already ISO 27001 Lead Auditor Certified? If you have an existing active certification with another recognized certification authority and would like to convert over to an ISLF certification, you may elect to challenge our exam for a free of $30 + $100 for your first year’s certification maintenance fee.
- Have the experience but no training, and want to challenge the exam? If you already meet the certification experience criteria and want to challenge the exam, we’re happy to accommodate. You can purchase an exam voucher and application fee and sit for an exam without taking the training. We strongly recommend, before taking this option, you purchase a copy of the course study guide and review it in detail prior to taking exam.