Attend in-person on-location, or via video-conference from the convenience and safety of your home or office.

To register one or more participants for a particular session, simply click the "Register" button for your desired event. Costing is automatically discounted by 20% for groups of 5 or more, and by 25% for groups of 10 or moreLearn more about attending a virtual classroom session here. All related practice exams, certification exams, and policy template tool-kits are likewise available online and on-demand at your convenience from your home or office.

Certified NIST Cybersecurity Framework 2.0 Lead Auditor Training (REMOTE - EASTERN TIME)


NIST Cybersecurity Framework 2.0 Lead Auditor Training

  • Course Overview

    Get trained as an expert in assessing and auditing cybersecurity according to the NIST Cybersecurity Framework 2.0

    NIST CSF LI 250Assessing the organization’s cybersecurity program against the key capabilities and objectives is the cornerstone of cybersecurity improvement and optimization. Internal and external stakeholders have a vested interest in managing cyber risk, and measuring the organization’s cybersecurity processes, procedures, and controls against desired cybersecurity objectives provides the basis for identifying critical risk exposures and opportunities for improvement. NIST CSF 2.0 now provides 103 desired cybersecurity outcomes/objectives along with 367 implementation recommendations. In two short days, our certified NIST CSF 2.0 expert will lead you and your team through a hands-on assessment of these very implementation tasks. The Certified NIST CSF 2.0 LA certification validates your ability to audit and assess the formal structure, governance, and policy of a robust cybersecurity framework following internationally recognized and respected NIST best practices and standards. 

    NIST CSF 2.0 Core desired outcomes can also be assessed for maturity of Execution

    Trying to assess a cybersecurity objective or desired outcome as simply “Incomplete”, “Partially Complete”, or “Complete” does not fully capture how mature the recommended tasks are implemented. Were a given cybersecurity objective and its corresponding implementation tasks well-planned? Were the tasks driven by documented policy? Were the implementation policy and procedures standardized throughout the organization, or do they differ from one department to another? Are metrics used and monitored to identify opportunities for improvement? These are some of the questions we should also consider as we assess every desired outcome and control objective’s level of maturity of execution. Determining Maturity Indicator Levels (MIL) is a critical part of a cybersecurity review, and your instructor will provide the seasoned guidance you and your fellow assessors/auditors need to perform the assessment properly.


    The purpose of the 2-day course is to:

    • Provide thorough coverage of NIST CSF 2.0's 103 Core desired outcomes and 367 recommended tasks;
    • Understand how to measure and monitor an organization's cybersecurity risk management maturity tiers;
    • Prepare you for your NIST CSF certification exam required for Certified NIST CSF 2.0 Lead Auditor professional credentialing.

    Upon completion of this training and certificate program, participants will:

    • Be equipped with knowledge and skills required to audit NIST Cybersecurity Framework policy and program in line with the NIST CSF 2.0 and related standards of best practice; and
    • Expand your cybersecurity competency.

    Register for a class (in-person or virtual) and get started today!

    Class details

    • Duration: 2 days, 8:30 - 4:30
    • CPE Credit: 16
    • Professional Certification: This course fulfills all prerequisite training requirements for certification exam #CSF102 for professional certification as Certified NIST CSF 2.0 Lead Auditor.
    • Materials included with live instructor-led training:
      • Class manual (complete hard copy of class presentation)
      • Excel template: NIST Cybersecurity Framework 2.0 Roles and Responsibilities RACI Matrix & CSF 2.0 Profile Template Tool (USD $500 value)
        CSF 2.0 RACI Graphic
      • 14 days of unlimited access to online practice exams for exam #CSF102
      • 1 attempt for the online certification exam #CSF102
    •  business continuity plan
    • Certificate of Achievement included with class: Upon course completion, we will provide you with an online digital achievement certificate for 24 continuing professional education (CPE) credits that can be used to fulfill requirements for maintaining a variety of professional credentials for fraud examination, accounting, auditing, and information security.
    • Recommended prerequisite training: None
    • Catering:
      • Morning refreshments and snack for live in-person participants
      • Lunch
      • Afternoon refreshments
    • Hotel and/or Travel: Not included

    * Access to a soft copy of the NIST CSF 2.0 is provided in class.


  • Recommended participants (expand for details)

    This course is provides the skills and knowledge necessary pro professionally monitor, assess, and audit cybersecurity activities and controls recommended by the NIST Cybersecurity Framework 2.0. Participation is recommended for:

    • Organizational Leadership (e.g., Director, Chief Operations Officer, Chief Technology Officer, Chief Security Officer)
    • Chief Privacy Officer
    • Data Protection Officer
    • Risk Management (e.g., Enterprise/Operations Risk Manager)
    • Chief Audit Executive/Director of Internal Audit
    • Chief Compliance Officer & Compliance Managers
    • IT Policy and Governance (e.g., Chief Information Security Officer)
    • Business Operations (e.g., Operations Manager)
    • IT Security Planning and Management (e.g., Director of Information Technology)
    • Business Continuity and Disaster Recovery Planning (e.g., BC/DR Manager)
    • IT Infrastructure (e.g., Network/System Administrator)
    • IT Operations (e.g., Configuration/Change Managers)
    • Procurement and Vendor Management (e.g., Contracts and Legal Support Managers)
  • Learning Objectives (expand for details)

    Get trained and certified in auditing and assessing the NIST Cybersecurity Framework 2.0

    1. Assessing Framework Core Function subcategory desired outcomes and recommended implementation examples for CSF's six Core Functions:

      1. Govern

      2. Identify

      3. Protect

      4. Detect

      5. Respond

      6. Recover

    2. Assessing CSF 2.0 roles and responsibility assignment.

    3. Assessing CSF 2.0 Framework Tiers (Cybersecurity Risk Management) maturity

    4. Assessing Risk Communication and Integration maturity

  • Get Certified (expand for details)

    This program is required for the following professional certification:

    nist csf thumbnailCertified NIST CSF 2.0 Lead Auditor


    Please note that, while there are no prerequisites to attend the training, please note that the NIST CSF 2.0 Lead Auditor certification is a stacking credential that requires current CIS Certified NIST CSF 2.0 Lead Implementer certification as a prerequisite for Lead Auditor certification eligibility. The Lead Auditor program extends CSF 2.0 Lead Implementer knowledge with an advanced understanding of how to assess and audit the 106 goals and objectives of NIST CSF 2.0 and its 363 corresponding recommended implementation tasks. If you have not already attended NIST CSF 2.0 Lead Implementer training, it is highly recommended that you do so prior to attending this session.

  • Guarantee (expand for details)

    Our simple guarantee to you.

    Preparing for Certified Information Security's professional certification exam

    #CSF102 is serious business. This is where we can help. If you first successfully complete:

    • All prerequisite course training; and
    • All CSF101 online practice exams

    Certified Information Security guarantees your success in passing CIS exam #CSF102.

    If you do not pass exam #CSF102 on your first attempt after completion of your required course and practice exams, Certified Information Security will allow you to re-test at no additional charge until you successfully pass your certification exam.

Event Properties

Event Date (MM-DD-YYYY) 09-12-2024 8:30 am
Event End Date 09-13-2024 4:30 pm
Cut off date 09-10-2024 5:00 pm
Cancel Registration Before Date 08-29-2024
Individual Price USD $2,495.00
Location Remote attendance via ZOOM (Eastern Time)
Attachment NIST-CSF-LI-LA.pdf


Allen Keele


Allen Keele is the founder and CEO of Certified Information Security. He is a recognized subject matter expert, author, consultant, and management systems architect for enterprise risk management (ERM), governance/risk/compliance (GRC), information security management, business continuity management (BCM), fraud control. A 7-time published author, including “Exam Cram 2: CISA”, Mr. Keele also achieved over twenty-five professional accreditations including CISA, CISM, CISSP, ISO 31000 CICRA, ISO 27001 LI/LA, ISO 22301 CBCM, CFE, ISO 37301 CCP, NIST CSF LI, CCSK, and a Bachelor of Business Administration degree in risk management from the University of Georgia.

Mr. Keele routinely works and collaborates with board members to educate and achieve buy-in for business-critical development and improvement. He presents to, and collaborates with, CEO's, CFO's, COO's, CRO's, CTO's, Chief Privacy Officers, Chief Information Officers/Security Officers, Chief Compliance Officers, Business Continuity Managers, Auditors, Fraud Risk Officers, Quality Managers, Procurement Managers, and HSE Managers to establish and integrate comprehensive and ISO-certifiable standards-based management systems and policies across functions throughout the enterprise. Mr. Keele brings a rare combination of risk management and compliance competence, real-world business experience, and a rigorous depth of certified technical skill to help organizations understand existing and emerging business needs, map these needs to proven and workable solutions strategies, and implement effective solutions strategies to achieve meaningful and measurable success.