
ISO 27001 Lead Auditor - Virtual Class

This fully accredited, practitioner-led course equips you to execute an ISO/IEC 27001:2013-compliant ISMS audit, and helps you build your career in IS audit or ensure your organisation achieves ISO 27001 certification. Learn online from the experts with real-world expertise and insights.

Save time and travel costs with training delivered to any location with Internet access.

Developed by ISO 27001 experts Alan Calder and Steve Watkins, and drawing on their bestselling textbook, An International Guide to Data Security and ISO27001/ISO27002, this four-and-a-half day interactive Live Online course covers the key steps involved in planning and executing an external audit of an ISO/IEC 27001:2013-compliant information security management system (ISMS). Steve Watkins is also the technical assessor for the United Kingdom Accreditation Service (UKAS), and is responsible for assessing UK certification bodies that award ISO 27001 certificates.

Online access requirements

Please note that this course is delivered as a WebEx Live Online session at fixed times and on fixed dates throughout the year.

Who should attend this course?

This course is aimed at individuals who want a globally recognised ISO 27001 lead auditor qualification to further their careers, and at managers who are responsible for the implementation and maintenance of an ISO 27001-compliant ISMS.


Learning Objectives

  • Understand best-practice audit methodology based on ISO 19011.
  • Prepare, lead and report on the findings of an information security audit.
  • Detailed information about auditing the ISMS against ISO 27001.
  • Interview techniques, following audit trails and reviewing documented evidence.
  • Audit risk assessments, business continuity and effective continual improvement.
  • Identifying nonconformities and ensuring appropriate corrective action is undertaken.
  • Practise new skills and develop knowledge by participating in role-play exercises, workshops and reviewing case studies.


There are no formal entry requirements for this course. We will, however, assume that delegates have a good knowledge of ISO 27001 gained either through reading, or by attending our ISO27001 Certified ISMS Foundation or ISO27001 Certified ISMS Lead Implementer training courses.

We also recommend that delegates have their own copies of the ISO/IEC 27001:2013 and ISO 27002:2013 standards for use during the course.



Delegates booked on this course are expected to have a reliable Internet connection at their home or office. We will check and confirm that you have the WebEx application installed and that you can correctly log onto our WebEx training centre before the course.

On the last day of the course you will be invited to take the ISO27001 CIS LA examination. You will need:

  • Internet Explorer 9 or newer (i.e. IE 10 or 11), or Mozilla Firefox version 16, 17 or 18.
  • Internet access for the full time of the exam.
  • To deactivate the pop-up blocker.
  • A working webcam in the machine you are sitting your exam from.


Course Content

Using a combination of formal training, practical exercises and relevant case studies, an experienced ISO 27001 trainer, auditor and consultant will:

  • Help you understand best-practice audit methodology based on ISO 19011:2011 (Guidelines for auditing management systems).

  • Show you how to use audits to monitor conformance to the Standard, ensure consistent implementation and assess the effectiveness of continual improvement.

  • Help you gain experience of the practical application of the audit processes of ISO 27001 through discussion and role play.

Exams & Certification

ISO27001 Certified ISMS Lead Auditor (CIS LA) examination

Delegates sit the online ISO27001 Certified ISMS Lead Auditor (CIS LA) examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ. There is no extra charge for taking this exam.

ISO27001 Certified ISMS Lead Auditor (CIS LA) is acknowledged by the PCI Security Standards Council (PCI SSC) as an approved qualification meeting the requirements of application for an individual to become a PCI DSS Qualified Security Assessor (QSA).

This course is part of our unique ISO 27001 Learning Pathway, which also includes the ISO27001 Certified Foundation, Lead Implementer, Risk Management and Internal Auditor courses. It also qualifies for 32 CPD/CPE credits and fits well with the CISSP and SSCP Continued Professional Education Programme.



Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accommodation. Please note that virtual courses are attended in real time, commencing on a specified date.
