    CQI and IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course

    Level: Lead auditor. Duration: 5 days.
    Available to book: Public classroom
    Available to quote: In-house

    Auditing is crucial to the success of any management system. As a result, it carries with it heavy responsibilities, tough challenges and complex problems. This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those working towards certification, and provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).

    How will I benefit?

    Effective auditing helps to ensure that the measures you put in place to protect your organization and your customers are properly managed and achieve the desired result.

    • Explain the purpose and business benefits of:

      • Information Security Management Systems (ISMS), ISMS standards.
      • Management system audit.
      • Third-party certification.

    • Explain the role of an auditor to plan, conduct, report and follow up an Information Security MS audit in accordance with ISO 19011 (and ISO 17021 where appropriate).

    • Have the skills to plan, conduct, report and follow up an audit of an ISMS to establish conformity (or otherwise) with ISO/IEC 27001/2, ISO 19011 (and ISO 17021 where appropriate).

    • This course is suitable for those wishing to lead audits of ISMS in accordance with ISO/IEC 27001:2022 (either as a 2nd party or 3rd party auditor); those wishing to learn about effective audit practices; security and quality professionals; existing information security auditors who wish to expand their auditing skills; and consultants who wish to provide advice on ISO/IEC 27001:2022 ISMS auditing.

    • You will sit a 2-hour exam to test your knowledge and understanding. On completion, you’ll be awarded a CQI and IRCA certified training course certificate.

    • This course forms part of our auditor qualification programme. Our ISO/IEC 27001 auditor qualifications will give you a BSI Mark of Trust, reassuring your customers and suppliers that your skills have been validated.

      Earn this badge if you sign up for the courses below and pass the examination:

      ISO/IEC 27001 Lead Auditor Practitioner

      - ISO/IEC 27001 requirements training course 
      - CQI & IRCA ISO/IEC 27001 lead auditor course

      ISO/IEC 27001 Lead Auditor Professional
      - ISO/IEC 27001 requirements training course 
      - CQI & IRCA ISO/IEC 27001 lead auditor course
      - Process improvement introduction 
      - Process improvement auditor

      ISO/IEC 27001 Lead Auditor Certified Professional
      - Completed Lead Auditor Professional training modules
      - Practical application

    • Delegates are expected to have the following prior knowledge:

      a. Management systems
      Understand the Plan-Do-Check-Act (PDCA) cycle.

      b. Information security management
      Knowledge of the following information security management principles and concepts:

      • Awareness of the need for information security.
      • The assignment of responsibility for information security.
      • Incorporating management commitment and the interests of stakeholders.
      • Enhancing societal values.
      • Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk.
      • Incorporating security as an essential element of information networks and systems.
      • The active prevention and detection of information security incidents.
      • Ensuring a comprehensive approach to information security management.
      • Continual reassessment of information security and making of modifications as appropriate.

      c. ISO/IEC 27001
      Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000.
