Information Security Management Systems (ISMS) Auditor/Lead Auditor Training Course (BS ISO/IEC 27001:2013)

Auditing is crucial to the success of any management system.  As a result, it carries with it heavy responsibilities, tough challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards certification and also provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).

Who should attend ?

  • Those wishing to Lead audits of Information Security Management System (ISMS) in accordance with ISO 27001:2013 (either as a 2nd party, or 3rd party auditor)
  • Those wishing to learn about effective audit practices
  • Existing information security auditors who wish to expand their auditing skills
  • Consultants who wish to provide advice on ISO 27001:2013 ISMS Auditing
  • Security and quality professionals

What will I learn ?

A combination of tutorials, syndicate exercises and role play, including the following topics:


Explain the purpose and business benefits of:

  •  an ISMS;
  •  of ISMS standards;
  •  of management system audit;
  •  of third-party certification.
  • Explain the role of an auditor to plan, conduct, report and follow up an Information Security MS audit in accordance with ISO 19011 (and ISO 17021 where appropriate).


Have the skills to:

  •  Plan;
  •  Conduct;
  •  Report;

 And follow up an audit of an ISMS to establish conformity (or otherwise) with
ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate).

Benefits to Your Business

Effective auditing helps to ensure that the measures you put in place to protect your organization and your customers are properly managed and achieve the desired result.