ISO 27001 Lead Auditor is the expert-level certification for information security professionals with at least two years of qualified experience. This certification maps to and fulfills all ISO/IEC 27001 competence requirements.

ISO 27001 Lead Auditor Narrated Tutorial

Building upon the foundation understanding of the ISO 31000 and 27005 risk management frameworks, and the ISO 27001 framework validated by the Certified Internal Controls Architect credential, the ISO 27001 Lead Auditor certification by CIS further certifies your ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. Upon completion of this training and certificate program, you will:

• be equipped with knowledge and skills required to audit an Information Security Management System system conforming to the ISO 27001, 27002, 27003, and 27005 standards;
• be able to expand your information security governance and management competency;
• be able to increase your credibility through gaining international recognition; and
• be able to improve your résumé/CV, and help to increase your earning potential.

Getting Certified as an ISO 27001 Lead Auditor 

The ISO 27001 Lead Auditor certification is available to qualified candidates who:

1. Are a member of CIS in good standing. 
   If you are not already an Associate member of the CIS certification student body, you must first become a member to pursue the CICA credential.
2. Attend the required CIS approved curriculum course(s):
   • CIS Policy Workshop: ISO 31000 Enterprise Risk Management (Online or Instructor-Led)
   • CIS Policy Workshop: ISO 27001 Information Security Management (Online or Instructor-Led)
   • CIS ISO 27001 Lead Auditor (Online or Instructor-Led)
3. Gain the required experience.
   

   ISO 27001 Lead Auditor certification requires at least two years of experience in two or more of the domains of the ISO 27001 and 27002 standards as tested in CIS exams RM101, ISMS101, ISMS102, and ISMS103.

4. Pass the ISO 27001 Lead Auditor Exams. 
   Once you have successfully completed all of the steps above, you can attempt your certification exams #RM101, #ISMS101, #ISMS102, and #ISMS103. CIS exams are administered online and can be taken at your convenience at your home or work through the CIS eLearning Center, where your progress and score are monitored and recorded centrally. Your exam results are provided automatically upon completion of your exam.
5. Submit your professional endorsements.
   Complete your CIS exams RM101, ISMS101, ISMS102, and ISMS 103 and submit three CIS Candidate Endorsement Forms to the Certification Department at CIS Headquarters. Your completed application and documentation can be mailed, transmitted by facsimile, or e-mailed to:
   
   Certified Information Security
   ATTN: Certification Department
   1004 Green Pine Circle
   Orange Park, FL 32065 USA
   Fax: +1(786) 522-9063
   E-mail: certification@certifiedinfosec.com
   
   
6. Gain final approval from the certification committee and become certified by CIS. 
   You will officially become certified once your exam and credentials are approved by the certification committee. Those who have attained a CIS credential will be invoiced for certification renewal upon annual membership renewal.