CQI and IRCA Certified ISO/IEC 27001:2022 Lead Auditor - International

Level Lead auditor Duration 5 days

Available to book: View dates, locations and prices

Provide knowledge and skills required to perform 1st 2nd 3rd party ISMS audits against ISO/IEC 27001; in accordance with ISO 19011 and ISO 17021, as applicable.

Auditing is crucial to the success of any management system. As a result, it carries with it heavy responsibilities, tough challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards certification and also provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).

How will you benefit?

Develop the confidence to lead an audit team
Conduct an organizational audit of an ISMS in line with ISO/IEC 27001:2022
Protect private data to future-proof your organization and ensure compliance

Explain the purpose and business benefits of:
- Information Security Management Systems (ISMS), ISMS standards
- Management system audit
- Third-party certification
Explain the role of an auditor to plan, conduct, report and follow up an Information Security MS audit in accordance with ISO 19011 (and ISO 17021 where appropriate).

Have the skills to: Plan, conduct, report, and follow up an audit of an ISMS to establish conformity (or otherwise) with ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate)
This course is suitable for those wishing to Lead audits of ISMS in accordance with ISO 27001:2022 (either as a 2^nd party, or 3^rd party auditor), those wishing to learn about effective audit practices. Security and quality professionals, existing information security auditors who wish to expand their auditing skills and consultants who wish to provide advice on ISO 27001:2022 ISMS Auditing.

Prerequisites:

Delegates are expected to have the following prior knowledge:

Management systems

Understand the Plan-Do-Check-Act (PDCA) cycle.

Information security management (Knowledge of the following information security management principles and concepts):
- Awareness of the need for information security
- The assignment of responsibility for information security
- Incorporating management commitment and the interests of stakeholders
- Enhancing societal values
- Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
- Incorporating security as an essential element of information networks and systems
- The active prevention and detection of information security incidents
- Ensuring a comprehensive approach to information security management
- Continual reassessment of information security and making of modifications as appropriate
ISO/IEC 27001

Knowledge of the requirements of ISO 27001:2022 Requirements course and the commonly used information security management terms and definitions, as given in ISO/IEC 27000.
- On completion of the course, you'll be awarded an internationally recognized BSI Training Academy certificate

Let's shape your organization's future together

Reach out and see how we can help guide you on your path to sustainable operational success.

Get in touch