ISO 27001:2013 Lead Auditor Training Course

Auditing is crucial to the success of any management system. As a result, it carries with it heavy responsibilities, tough challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards certification, and provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).

Who should attend?

This course is suitable for those wishing to lead audits of an ISMS in accordance with ISO 27001:2013 (as either a 2nd party or 3rd party auditor), those wishing to learn about effective audit practices, security and quality professionals, existing information security auditors who wish to expand their auditing skills, and consultants who wish to provide advice on ISO 27001:2013 ISMS auditing.

What will I learn?

Explain the purpose and business benefits of:

• Information Security Management Systems (ISMS), ISMS standards
• Management system audit
• Third-party certification

Explain the role of an auditor to plan, conduct, report and follow up an Information Security MS audit in accordance with ISO 19011 (and ISO 17021 where appropriate).

Have the skills to plan, conduct, report and follow up an audit of an ISMS to establish conformity (or otherwise) with ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate).

How will I learn?

Our high impact accelerated learning approach increases learning effectiveness by improving your ability to retain knowledge and apply skill. The training is activity-based, and is proven to have a positive effect on job performance whilst saving time and money.


As part of the Lead Auditor course, you will be required to first complete our ISO/IEC 27001 Requirements eLearning training course. On registering for the Lead Auditor course, you will receive an email with details on accessing the eLearning course. Find out more information on what is covered at the ISO/IEC 27001 Requirements eLearning training. Note: the eLearning module is included in the lead auditor course cost.

It is also recommended that delegates have a good knowledge of ISO/IEC 27001 and the key principles of an ISMS. It will also help if you have attended an internal or lead auditor course or have experience with conducting internal or supplier audits.

What will I gain?

On completion, you’ll be awarded an internationally respected BSI Training Academy certificate.

Exam and Continuous Improvement

Each delegate must demonstrate acceptable levels of performance against all course learning objectives, which is evaluated during course activities. Performance is recorded daily by the tutor using the Personal Continuous Assessment Record (PCAR). In order to satisfactorily complete the course, each delegate must complete/attend all elements of the course, pass the continuous assessment and written examination.

The written examination is an online examination which is done after the course. Delegates will receive a link to access the exam and have 30 days to successfully complete the examination, including a re-take if necessary. On successful completion, we’ll email you a copy of your Certificate of Achievement.

The examination is “open-book” which means you are permitted to access reference materials during the exam. The pass mark is 80% and you’ll see your score on completion.