PECB Certified ISO 27001 Lead Auditor Training



Who should attend

The PECB ISO/IEC 27001:2013 Training is aimed at individuals who wish to conduct external assessments for ISO 27001 certification and internal audits on behalf of their company.

Duration: 5 Days

Fees: £1300 + VAT

Course description

Download a PDF document of the complete course description iso-27001-lead-auditor


Course details

Day 1: Introduction to Information Security Management System (ISMS) concepts

    • Normative, regulatory and legal framework related to Information Security
    • Fundamental principles of Information Security
    • The ISO/IEC 27001:2013 certification process
    • The Information Security Management System (ISMS)
    • Detailed presentation of the clauses 4 to 8 of the ISO/IEC 27001:2013 standard


Day 2: Planning and Launching an ISMS audit

    • Fundamental concepts and principles of auditing
    • Audit approach based on evidence and on risk
    • Preparation of an ISO/IEC 27001:2013 certification audit
    • Documentation of an ISMS audit
    • Conducting an opening meeting


Day 3: Conducting an ISO 27001 audit

    • Communication during the audit
    • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
    • Drafting test plans
    • Formulation of audit findings
    • Drafting of nonconformity reports
    • Operations management of an ISMS


Day 4: Concluding and ensuring the follow-up of an ISO 27001 audit

  • Audit documentation
  • Quality Review
  • Conducting a closing meeting and Conclusion of an ISO/IEC 27001:2013 audit
  • Evaluation of corrective action plans
  • Surveillance Audit
  • Audit management program


Day 5: Exam

ISMS Foundation Training or a basic knowledge of ISO/IEC 27001:2005 and ISO/IEC 27002:2013 is recommended.

Educational approach

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases
  • Practical exercises based on a full case study including role playing and oral presentations
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam

Examination and certification

The “Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:

  • Domain 1: Fundamental Principles and Concepts of Information Security
  • Domain 2: Information Security Management System (ISMS)
  • Domain 3: Fundamental Audit Concepts and Principles
  • Domain 4: Preparation of an ISO 27001 audit
  • Domain 5: Conducting an ISO 27001 audit
  • Domain 6: Closing an ISO 27001 audit
  • Domain 7: Managing an ISO 27001 audit program


The “Certified ISO/IEC 27001 Lead Auditor” exam is available in different languages (the complete list of languages can be found in the examination application form).

Duration: 3 hours

For more information about the exam, refer to the PECB section on ISO 27001 Lead Auditor.

After successfully completing the exam, participants can apply for the credentials of Certified ISO/IEC 27001 Provisional Implementer, Certified ISO/IEC 27001 Implementer or Certified ISO/IEC 27001 Lead Implementer, depending on their level of experience.

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. For more information about ISO 27001 certifications and the PECB certification process, refer to the PECB section on ISO 27001 Lead Auditor.

General Information

  • Certification fees are included in the exam price
  • A student manual containing over 450 pages of information and practical examples will be distributed to participants
  • A participation certificate of 31 CPE (Continuing Professional Education) credits will be issued to participants
  • In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions