ISO 27001:2013 Lead Auditor

The International Standard ISO/IEC 27001:2013 has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.

For Whom

Internal auditors, auditors wanting to perform and lead Information Security Management System (ISMS) certification audits, project managers or consultants wanting to master the Information Security Management System audit process, CxO and senior managers responsible for the IT governance of an enterprise and the management of its risks, members of an information security team, expert advisors in information technology, and technical experts wanting to prepare for an information security audit function.


After completing this course, you will be able to:

  1.  acquire the expertise to perform an ISO/IEC 27001 internal audit following ISO 19011 guidelines
  2.  acquire the expertise to perform an ISO/IEC 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
  3.  acquire the necessary expertise to manage an ISMS audit team
  4.  understand the operation of an ISO/IEC 27001 conformant information security management system
  5.  understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization.


  1.  ISO/IEC 27001 Foundation Certification

Duration:

Day 4 Course Outline

Language: English

Course Outline / Content:

The following modules are included in this course:

  1.   Normative, regulatory and legal framework related to information security
  2.   Fundamental principles of information security
  3.   ISO 27001 certification process
  4.   Information Security Management System (ISMS)
  5.   Detailed presentation of the clauses 4 to 8 of ISO/IEC 27001
  6.   Fundamental audit concepts and principles
  7.   Audit approach based on evidence and on risk
  8.   Preparation of an ISO/IEC 27001 certification audit
  9.   ISMS documentation audit
  10.   Conducting an opening meeting
  11.   Communication during the audit
  12.   Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
  13.   Audit test plans
  14.   Formulation of audit findings
  15.   Documenting nonconformities
  16.   Audit documentation
  17.   Quality review
  18.   Conducting a closing meeting and conclusion of an ISO 27001 audit
  19.   Evaluation of corrective action plans
  20.   ISO/IEC 27001 Surveillance audit
  21.   Internal audit management program

