Information Security Management Systems Auditor/Lead Auditor Training Course - IRCA Certified Course (A17287)

In this five day course certified to IRCA* guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2013.

To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems.

You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013.

Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skills and ability to lead a team to conduct audits of an ISMS to the standard.

Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run including conducting second and third-party audits.

*IRCA Certified Course (A17287)

This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.


Who should attend to the training?

This is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.

Suggested job roles and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

What will I learn in the training?

  • What is the purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third party certification
  • What is the role and skills required by an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013ISO/IEC 27002:2013, Information technology -- Security techniques -- Code of practice for information security controls, ISO 19011:2011, Guidelines for auditing management systems and where applicable, ISO 17021:2011, Conformity assessment - Requirements for bodies providing audit and certification of management systems

How will my organization benefit by the training?

  • Your company will have an internal resource and process to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
  • You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization that satisfies IRCA guidelines
  • Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs

What's included in the training?

  • Training pack (training materials, BSI pen, training course note)
  • Lunch
  • Refreshments