Information Security Management Systems (ISMS) Auditor/Lead Auditor (IRCA) Training Course (BS ISO/IEC 27001:2013)

In this five-day course certified to IRCA guidelines, our experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization, assessing its conformance with ISO/IEC 27001:2013.

To attend this course, you should already have knowledge of the key Plan-Do-Check-Act (PDCA) cycle within management systems. You should also have knowledge of Information Security Management principles, concepts and specifically the requirements of ISO/IEC 27001:2013.

Tutors on our lead auditor courses will expand on your existing knowledge of the standard and develop your skills and ability to lead a team to conduct audits of an ISMS to the standard.

Through a combination of tutorials, syndicate exercises and role play, you will learn everything you need to know about how an ISMS audit should be run, including conducting second and third-party audits.

IRCA Certified Course (A17287)

This course is certified by the International Register of Certificated Auditors (IRCA) and meets training requirements for those seeking registration as a lead auditor under their ISMS scheme.

Who should attend?

This course is intended for those who will be involved in leading audits of an ISMS that conforms to ISO/IEC 27001:2013 in any organization.

Suggested job roles and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

What will I learn?

  • What are the purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third-party certification
  • What are the role of an auditor and the skills an auditor requires when planning, conducting, reporting and following up on an ISMS audit in accordance with ISO/IEC 27001:2013; ISO/IEC 27002:2013 (Information technology -- Security techniques -- Code of practice for information security controls); ISO 19011:2011 (Guidelines for auditing management systems); and, where applicable, ISO 17021:2011 (Conformity assessment - Requirements for bodies providing audit and certification of management systems)

How will my organization benefit?

  • Your company will have an internal resource and process to be able to conduct its own audit of its ISMS to assess and improve conformance with ISO/IEC 27001:2013
  • You will gain a professional qualification that certifies that you have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization that satisfies IRCA guidelines
  • Successful auditing will improve the protection of any organization’s private data to meet market assurance and corporate governance needs


Delegates are expected to have the following prior knowledge:

Management systems

Understand the Plan-Do-Check-Act (PDCA) cycle.

Information security management (Knowledge of the following information security management principles and concepts):

  • Awareness of the need for information security;
  • the assignment of responsibility for information security;
  • incorporating management commitment and the interests of stakeholders;
  • enhancing societal values;
  • using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
  • incorporating security as an essential element of information networks and systems;
  • the active prevention and detection of information security incidents;
  • ensuring a comprehensive approach to information security management;
  • continual reassessment of information security and making of modifications as appropriate.

What's included?

  • Refreshments
  • Lunch
  • Course Folder
  • Pen and Notepad
  • Certificate of attendance