Course Agenda
Day 1 | Introduction to the information security management system (ISMS) and ISO/IEC 27001
- Training course objectives and structure
- Standards and regulatory frameworks
- Certification process
- Fundamental concepts and principles of information security
- Information security management system (ISMS)
Day 2 | Audit principles, preparation, and initiation of an audit
- Fundamental audit concepts and principles
- The impact of trends and technology in auditing
- Evidence-based auditing
- Risk-based auditing
- Initiation of the audit process
- Stage 1 audit
Day 3 | On-site audit activities
- Preparing for stage 2 audit
- Stage 2 audit
- Communication during the audit
- Audit procedures
- Creating audit test plans
Day 4 | Closing the audit
- Drafting audit findings and nonconformity reports
- Audit documentation and quality review
- Closing of the audit
- Evaluation of action plans by the auditor
- Beyond the initial audit
- Managing an internal audit program
- Closing of the training course
Day 5 | Certification Exam
Duration: 5 days
Learning Objective
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
- Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27001 audit program
Exams
The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
Domain 1 | Fundamental principles and concepts of Information Security Management System (ISMS)
Domain 2 | Information Security Management System (ISMS)
Domain 3 | Fundamental audit concepts and principles
Domain 4 | Preparation of an ISO/IEC 27001 audit
Domain 5 | Conducting an ISO/IEC 27001 audit
Domain 6 | Closing an ISO/IEC 27001 audit
Domain 7 | Managing an ISO/IEC 27001 audit program
Certification
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
Note: PECB certified individuals who possess Lead Implementer and Lead Auditor credentials are qualified for the respective PECB Master credential, given that they have taken four additional Foundation exams related to this scheme. More detailed information about the Foundation exams and the Master credential requirements can be found here.
There are no reviews yet.