ISO 27001 Lead Auditor Implementer Training

Certified ISO 27001 Lead Auditor

"Plan-Do-Check-Act" within the ISO 27001 ISMS requires auditing. The CIS ISO 27001 Lead Auditor training will complete your ISO 27001 understanding gained in previous CIS risk management and information security courses by ensuring you also understand how to apply the ISO 19011 and ISO 27007 ISMS auditing standards to an ISMS audit program.

The CIS ISO 27001 Lead Auditor Course

Based upon the ISO 27001 related auditing standards ISO 27007 and 19011, this one-day additional course will provide an intensive overview of how to manage an internal audit of an organization's risk management program in along with its corresponding ISMS. This course will also provide valuable guidance on conducting the internal audits, on establishing and validating the competence of ISMS auditors, and prepare you for your ISO 27001 lead auditor certification exams required for the well-recognized ISO 27001 Lead Auditor professional certification. Learn more. 

This course  is applicable to those needing to understand or conduct internal or external audits of a risk management system supporting an ISMS, or how to manage an ISO 27001 ISMS audit program. This is the only ISO 27001 Lead Auditor training and professional examination program to incorporate ISO's 27007 standard as core content within its program. Building upon the foundation understanding of the ISO 27005 risk management framework and ISO 27001 framework validated by the Certified Internal Controls Architect credential , the ISO 27001 Lead Auditor certification by CIS certifies your ability to audit the formal structure, governance, and policy of an ISO 27001 conforming ISMS. Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. 

Upon completion of this training and certificate program, you will:

• be equipped with knowledge and skills required to perform audits of Information Security Management Systems (ISMS) against the ISMS standards;
• be able to expand your auditing competency;
• be able to increase your credibility through gaining international recognition; and
• be able to improve your résumé/CV and help to increase your earning potential.

It’s convenient!

Certified Information Security provides the training and credentialing you need to become recognized as an authority in information security governance and risk management.  You choose the method of delivery: online through our secure website, or in-person at a publicly available course or privately at your facility.  We take care of the rest – from administration, to record keeping, to providing certificates of completion and certification.

Online students have the additional convenience of taking courses whenever they want without the need to travel or disrupt their busy schedules. Our program allows users to start and stop without losing their place or data.  Learning and certifying expertise has never been so easy!

How to get started - two alternatives 

1. If your employer is paying for your training and certification, we recommend purchasing a complete ISO 27001 Lead Auditor certification package voucher that includes all required resources, including membership in the CIS Body of Certified Professionals, all required training programs, all recommended practice exams, and the required certification exam. This allows your employer to purchase and pay all of your necessary resources at once, while still giving you flexibility of when to use your training, practice exams, and certification exams later.
   
   

2. "Pay-as-you-go" by purchasing your membership in the CIS Body of Certified Professionals, training, recommended practice exams, and the certification exams as you need them. Start by purchasing training, and then purchase practice exams when you are ready. After you complete your practice exams, you then purchase your certification exam.

A breakdown of the costs are as follows: 

1. Required CIS Membership Application Fee & Membership Dues: $100.00 Learn more

2. Required Training 

3. Optional Online Practice Exams for all exams (RM101, ISMS101, ISMS102, and ISMS103): $375.00 Learn more

4. Required Online Certification Exams (RM101, ISMS101, ISMS102, and ISMS103): $400.00 Learn more

This course is applicable to auditors, risk managers, and information security managers needing to understand or conduct internal or external audits of an risk management system supporting an ISMS, or how to manage an ISMS audit program.

Online ISO 27001 Lead Auditor Certification Program

Based upon the ISO 27007 and 19011 auditing Standards, this one-day course will provide an intensive overview of how to manage an audit of an organization's risk management program in along with its corresponding information security management system. This course will also provide valuable guidance on conducting the audits, and on establishing and validating the competence of ISMS auditors.

Covered topics include:

• Auditing the Audit Function & Program

• Principles of auditing

• Managing an audit program

  • Establishing the audit program objectives
  • Establishing the audit program
  • Role and responsibilities of the person managing the audit program
  • Competence of the person managing the audit program
  • Determining the extent of the audit program
  • Identifying and evaluating audit program risks
  • Establishing procedures for the audit program
  • Identifying audit program resources
  • Implementing the audit program
  • Monitoring the audit program
  • Reviewing and improving the audit program

• Performing an audit

  • Initiating the audit
  • Preparing audit activities
  • Conducting the audit activities
  • Preparing and distributing the audit report
  • Completing the audit
  • Conducting audit follow-up

• Auditing the ISMS Scope, Policy, Risk Assessment Approach, and ISMS Implementation

  • ISO 27001 Audit Criteria
  • ISO 27005 Best Practices
  • ISO 27007 Evidence Collection Recommendations

• Auditing the ISMS Monitoring and Review

  • ISO 27001 Audit Criteria
  • ISO 27007 Evidence Collection Recommendations

• Audit the ISMS Documentation Fulfillment

  • ISO 27001 Audit Criteria

• Audit the ISMS Organization and Management Commitment

  • ISO 27001 Audit Criteria
  • ISO 27003 Best Practices
  • ISO 27007 Evidence Collection Recommendations

• Auditing ISMS Internal Audit against ISO 27001 Requirements

  • ISO 27001 Audit Criteria
  • ISO 27007 Evidence Collection Recommendations
  • Auditing Management Review

• An overview of using ISO TR 27008 to audit internal controls

This program is prerequisite training for ISO 27001 Lead Auditor exam ISMS103.

Our simple guarantee to you.

Preparing for Certified Information Security's professional certification exams #RM101, #ISMS101, #ISMS102, and #ISMS103 is serious business.

This is where we can help you. If you first successfully complete:

• All prerequisite ISO 27001 certification training; and
• All RM101, ISMS101, ISMS102, and ISMS103 online practice exams

Certified Information Security guarantees your success in passing certification exams #RM101, #ISMS101, #ISMS102, and #ISMS103.

If you do not pass exams #RM101, #ISMS101, #ISMS102, and #ISMS103 on your first attempt after completion of your required course and practice exams, Certified Information Security will allow you to re-test at no additional charge until you successfully pass your certification exams.