ISO 27001 ISMS Lead Auditor

Accredited by PECB
Mastering the audit of an Information Security Management System (ISMS) based on ISO/IEC 27001

5 Days, Exam Included
31 CPDs
Free Exam Retake

Highlights

  • Experienced & accredited trainers
  • Accredited training material
  • Training & examination in 5 days
  • 31 CPDs
  • Excellent first attempt pass ratio
Upcoming Schedule
ISO 27001 Lead Auditor: Contact us to schedule this session for your team at your preferred location and dates.


The International Standard ISO/IEC 27001:2013 has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization. The establishment and implementation of an organization’s information security management system is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. All of these influencing factors are expected to change over time.

The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.

It is important that the information security management system is part of and integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization.

This International Standard can be used by internal and external parties to assess the organization's ability to meet the organization’s own information security requirements.

Controls in ISO 27001
There are 114 controls in ISO 27001, organized in Annex A of the document. These controls are classified into 14 control areas, as follows:

  • Information Security Policies
  • Organization for Information Security
  • HR Security
  • Asset Management
  • Access Control
  • Cryptography
  • Physical & Environmental Security
  • Operations Security
  • Communications Security
  • Systems Acquisitions, Development & Maintenance
  • Supplier Relationships
  • Information Security Incident Management
  • Information Security Aspects of BCM
  • Compliance
Introduction
This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011 and the certification process according to ISO 17011. Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit.

Learning Objectives
  • To acquire the expertise to perform an ISO/IEC 27001 internal audit following ISO 19011 guidelines
  • To acquire the expertise to perform an ISO/IEC 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
  • To acquire the necessary expertise to manage an ISMS audit team
  • To understand the operation of an ISO/IEC 27001 conformant information security management system
  • To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To improve the ability to analyze the internal and external environment of an organization, its risk assessment

Recommended Participants
  • Internal auditors
  • Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information security audit function

Prerequisites
PECB Certified ISO/IEC 27001 Foundation Certification or basic knowledge of ISO/IEC 27001 is recommended.

Course Format
This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases
  • Practical exercises based on a full case study, including role playing and oral presentations
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam.
Materials Provided
  • Course reference manual containing a copy of the course slides, support documents, quizzes and answers
  • Course Certificate
  • Exam certificate on passing the ISO 27001 Lead Auditor examination

CPDs Assigned
This course qualifies for Thirty One (31) CPDs

  • Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001
    - Normative, regulatory and legal framework related to information security
    - Fundamental principles of information security
    - ISO 27001 certification process
    - Information Security Management System (ISMS)
    - Detailed presentation of the clauses 4 to 8 of ISO/IEC 27001

  • Day 2: Planning and Initiating an ISO/IEC 27001 audit
    - Fundamental audit concepts and principles
    - Audit approach based on evidence and on risk
    - Preparation of an ISO/IEC 27001 certification audit
    - ISMS documentation audit
    - Conducting an opening meeting

  • Day 3: Conducting an ISO/IEC 27001 audit
    - Communication during the audit
    - Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
    - Audit test plans
    - Formulation of audit findings
    - Documenting nonconformities

  • Day 4: Concluding and ensuring the follow-up of an ISO/IEC 27001 audit
    - Audit documentation
    - Quality review
    - Conducting a closing meeting and conclusion of an ISO 27001 audit
    - Evaluation of corrective action plans
    - ISO/IEC 27001 Surveillance audit
    - Internal audit management program

  • Day 5: Certification Exam

Certification Examination
A 3-hour certification exam is scheduled on the last day of the course. The exam is paper-pencil based.

Content of the exam
The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination Certification Programme (ECP). The exam covers the following competence domains:

  • Domain 1: Fundamental principles and concepts of information security
  • Domain 2: Information Security Management System (ISMS)
  • Domain 3: Fundamental audit concepts and principles
  • Domain 4: Preparation of a PECB Certified ISO/IEC 27001 audit
  • Domain 5: Conduct of a PECB Certified ISO/IEC 27001 audit
  • Domain 6: Closing a PECB Certified ISO/IEC 27001 audit
  • Domain 7: Managing a PECB Certified ISO/IEC 27001 audit program
Eligibility for Examination
There is no prerequisite for this certification exam.
Why select Business Beam as your Training Provider?

01

Exam passing guarantee
Enjoy one FREE exam retake if you fail in the first attempt.

02

Free lifetime revision
Refresh your concepts by re-attending our training session for FREE.

03

Accredited Training Organization
Business Beam is an ATO and PECB Partner.

04

Accredited course material
The training material is accredited and approved.

05

Quality Training Material
You will receive a 550-page comprehensive training manual.

06

Accredited trainers
Our trainers are experienced consultants and accredited trainers.

07

Excellent first attempt pass ratio
Business Beam maintains 90%+ first attempt pass ratio.

08

Excellent feedback
92%+ of our overall customers rate us excellent or very good.

09

Experience tells all
500+ accredited courses delivered to 7,000 professionals in the classroom.

10

At your premises
This training is also available at your preferred premises and timings.

FREE Exam Retake

Business Beam offers one FREE exam retake option to its valuable training participants who don’t pass the exam on the first attempt.

  • This offer is time limited, starting from 2015 and onwards.
  • This offer is valid for selected courses only, including ITIL Foundation & Intermediate Level, PRINCE2 Foundation, and ISO 27001, ISO 22301, ISO 20000, ISO 38500 & ISO 9001 related exams.
  • Free examination retake is subject to 100% advance payment of training and exam fee.
  • Free examination retake offer shall NOT be applicable in the following conditions:
    - If the candidate does not attend the training session up to 3 hours or more;
    - If the candidate does not write the examination (first time) on the last day of the training session;
    - In case of online examinations, if the candidate fails because of laptop or desktop issues.
  • Exam retake must be availed within 6 months of the initial exam.
  • This offer can be availed only at the offices of Business Beam, at Dubai or Karachi.
  • Candidate must send a written exam retake request to Business Beam by email, with an electronic copy of the training attendance certificate, first examination date and preferred retake dates. Business Beam will confirm the retake schedule.
  • This offer is non-transferable and cannot be redeemed for cash or credit.
  • The terms and conditions are subject to change without any prior notice.
FREE Lifetime Revisions

Business Beam offers FREE lifetime revisions to its valuable training participants, who want to refresh their concepts. Participants are welcome to attend training again for FREE.

  • This offer can only be availed by participants who attend our training sessions in 2016 and onwards.
  • For revision, participants may join any of our pre-scheduled open-enrollment training session at any location worldwide. Updated training schedule is available at our website (www.businessbeam.com).
  • Participants are welcome to do more than one revision, as required.
  • Revision participant shall pay the training logistic expenses.
  • This offer shall not be applicable if the course version changes (e.g. PMP based on PMBOK v5 to v6).
  • Training attendance certificate shall not be issued to revising participants.
  • This offer is valid for training courses only; examinations of any kind are not part of this offer.
  • This offer is subject to the confirmation of the training session and the availability of space.
  • The terms and conditions are subject to change without any prior notice.