
ISO 27001 Lead Auditor

Learn how to plan and execute an audit of an ISO27001 ISMS.

With the growth and global acceptance of ISO/IEC 27001:2013 as the default standard for information security management, there has been an increased demand for qualified ISO27001 lead auditors. Gaining the knowledge and qualifications required to conduct an ISO27001 audit is essential for the successful career development of all ISO27001 lead auditors. A practical working knowledge of the lead audit process is also a crucial requirement for the manager responsible for implementing and maintaining ISO27001 compliance within an organisation.

Delivered by experienced ISO27001 consultants and using a combination of formal training, practical exercises and relevant case studies, our four-and-a-half-day course outlines the theory and practice of an effective ISO27001 audit.

Who should attend this course?

  • Professionals responsible for auditing an ISMS or for ensuring best practice in information security controls
  • External consultants seeking to support the auditing activity of an information security system within client organisations

What's included in the course?

  • Lunch and refreshments
  • Full course materials (digital copy provided as PDF file)
  • The CIS LA exam
  • Certificate of attendance

This course prepares delegates for an examination, which is taken online on the last day of the four-and-a-half-day training programme. Successful candidates will be awarded the ISO27001 Certified ISMS Lead Auditor (CIS LA) qualification, issued by the International Board for IT Governance Qualifications (IBITGQ).

The course also fits well with the CISSP, CISA and CISM Continued Professional Education (CPE) programmes, and is worth 31 CPE credits.


Learning Objectives

  • Gain a thorough understanding of best practice in audit methodology
  • Understand the best practice in audit methodology based on ISO19011
  • Learn how to prepare, lead and report on the findings of an information security audit
  • Learn how to identify non-conformances, and ensure appropriate corrective action is undertaken
  • Gain detailed knowledge of how to audit against ISO27001 and the related ISMS
  • Practise your new skills and knowledge by participating in role-play exercises, workshops and reviewing case studies


While there are no formal entry requirements for this course, we assume that delegates will have gained a good knowledge of ISO27001 through practical experience, either by reading or by attending our ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training courses.

Course Content

The course will not only cover the accepted principles of auditing, but will also give participants a detailed understanding of audit methodology, including audit preparation, managing an audit team, determining compliance with the standard, interview techniques, following audit trails and documenting evidence.

Delegates will participate in workshops and case studies to develop their auditing technique, and will learn how to handle some of the more challenging situations an auditor may face. The course has been designed in keeping with international standards on auditing techniques, including ISO 19011.

The course will also familiarise participants with the challenges of auditing ISO27001 and will cover all sections of the standard in detail, providing tips on how to audit individual clauses, including risk assessments, business continuity, and effective continual improvement.

The course will make extensive use of group exercises and case studies throughout the four and a half days, providing attendees with a proper foundation in the practical aspects of auditing conformance with ISO27001.

Exams & Certification

The course includes an examination and a certificate is issued on successful completion.
