Get in Touch

Course Outline

I. Introduction to Information Security
1. Principles of systemic information security management
2. Organizational benefits and value addition

II. Overview of ISO/IEC 27001 Requirements
1. Core requirements of the standard
2. Key areas requiring specific attention
3. Identification of documentation obligations
4. Overview of Annex A controls

III. Information Security Management System (ISMS) Compliance with ISO/IEC 27001
1. Components of the ISMS in accordance with ISO/IEC 27001
2. Exercises in interpreting and analyzing standard requirements

IV. Audit Fundamentals
1. Introduction to audit concepts
2. Conducting a complete audit
3. Establishing audit criteria
4. Classification of audit types

V. Audit Planning and Preparation
1. Defining audit scope and criteria
2. Selection of the audit team
3. Application of a process approach to internal audits
4. Key considerations in developing audit questionnaires
5. Execution of audits per ISO 19011:2018 guidelines
6. Practical application exercises

VI. Audit Execution and On-Site Procedures
1. Audit techniques and methodologies
2. Collection and evaluation of objective evidence
3. Identification and substantiation of non-conformities
4. Competency requirements for audit team members
5. Practical application exercises

VII. Documentation of Audit Findings
1. Precise formulation of observed deviations
2. Formal documentation of non-conformities
3. Identification and recording of improvement opportunities
4. Compilation of audit findings into an audit report
5. Practical application exercises

VIII. Post-Audit Follow-Up Activities
1. Responsibilities regarding the initiation of corrective actions
2. Importance of accurately determining root causes of non-conformities
3. Definition and implementation of corrective actions
4. Evaluation of action effectiveness
5. Follow-up procedures for identified improvement opportunities
6. Practical application exercises

IX. Discussion and Conclusion

The following text outlines the structured curriculum for the ISO/IEC 27001 Lead Auditor certification, formatted for web publication without tabular data.

PECB ISO/IEC 27001 Auditor Certification Prerequisites

All candidates seeking PECB ISO/IEC 27001 Auditor designations must successfully pass the PECB Certified ISO/IEC 27001 Lead Auditor examination (or an equivalent approved exam) and adhere to the PECB Code of Ethics.

Candidate eligibility for one of the four certification tiers is determined by their professional experience and documented history of management system audits:

1. Provisional Auditor

  • Credential Title: PECB Certified ISO/IEC 27001 Provisional Auditor

  • Professional Experience: No prior experience required.

  • Audit Experience: None required.

  • Target Audience: Professionals who have passed the examination but do not yet meet the experience criteria for higher-tier designations.

2. Auditor

  • Credential Title: PECB Certified ISO/IEC 27001 Auditor

  • Professional Experience: Two years of total professional experience, including a minimum of one year dedicated to Information Security Management.

  • Audit Experience: A minimum of 200 hours of documented management system audit activities.

3. Lead Auditor

  • Credential Title: PECB Certified ISO/IEC 27001 Lead Auditor

  • Professional Experience: Five years of total professional experience, including a minimum of two years focused on Information Security Management.

  • Audit Experience: A minimum of 300 hours of documented management system audit activities.

4. Senior Lead Auditor

  • Credential Title: PECB Certified ISO/IEC 27001 Senior Lead Auditor

  • Professional Experience: Ten years of total professional experience, including a minimum of seven years focused on Information Security Management.

  • Audit Experience: A minimum of 1,000 hours of documented management system audit activities.

PECB ISO/IEC 27001 Lead Auditor Information

Requirements

Intended Recipients

  • Professionals pursuing qualification as ISO/IEC 27001:2023 Lead Auditors
  • Stakeholders with a professional interest in information security auditing practices for government
 35 Hours

Number of participants


Price per participant

Testimonials (1)

Upcoming Courses

Related Categories