CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor (ISMS) Training Course
CQI and IRCA Reg. Course No.: 2584 License No.: 01180136
Overview
Designed to equip learners with knowledge and skills to perform first-, second-, and third-party audits of Information Security Management Systems (ISMS) against ISO/IEC 27001 (with ISO/IEC 27002), in compliance with ISO 19011 and ISO/IEC 17021.
Intended for participants who already understand ISMS principles and ISO/IEC 27001 requirements; aims to refresh and expand on that prior knowledge.
Participants must conduct ISMS audits and identify audit evidence to determine conformity or non-conformity.
Examination may cover any requirement of ISO/IEC 27001 within the context of expected prior knowledge.
Summary of Course Features
Approved by CQI and IRCA (UK)
Utilizes an Accelerated Learning Approach with engaging workshops and case studies
Workshop-based training backed by comprehensive course notes and practical examples
Emphasizes risk-based thinking, PDCA, and the process approach
Focuses on high-risk processes and their outputs
Examination-based format with IRCA Certificate of Successful Completion and Attendance awarded upon success
Learning Objectives
Knowledge
Explain the purpose and business benefits of ISMS, related standards, management system audits, and third-party certification
Understand the auditor’s role in planning, conducting, reporting, and following up an ISMS audit per ISO 19011
Skills
Plan, conduct, report, and follow up on ISMS audits to assess conformity (or non-conformity) with ISO/IEC 27001 (with ISO/IEC 27002), following ISO 19011 guidelines
Who Should Attend
Management representatives, internal auditors, and second- and third-party auditors responsible for delivering value-added ISMS audits to support continual improvement
Course Content
Knowledge
Purpose of ISMS and improvements in effectiveness
Requirements of ISO/IEC 27001, the PDCA cycle, and overall ISMS structure
Differences between first-, second-, and third-party certification audits, including the auditor’s role in assessing confidentiality, integrity, and availability of information
Benefits of third-party accreditation for organizations and stakeholders
Auditor’s role in planning, conducting, reporting, and following up ISMS audits per ISO 19011 and ISO/IEC 17021 (as appropriate)
Skills (Practiced Through Audits—Simulated or Real)
Planning the audit
Conducting the audit
Auditing ISMS requirements
Generating audit findings
Reporting the audit
Following up on the audit
Prerequisites
Management System Fundamentals
Understanding of the Plan–Do–Check–Act (PDCA) cycle
Knowledge of core management system elements and their interrelationships (top management responsibility, policy, objectives, planning, implementation, measurement, review, continual improvement)
Information Security Management System (ISMS)
Familiarity with fundamental ISMS concepts and the seven security management principles per ISO 27001: customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision-making, and relationship management