ISO 27001 Information Security Management Systems standard ensures that your organization keeps information assets safe and secure, by building an information security infrastructure against the risks of loss, damage or any other threat.

This four-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit.

For more information, please visit PECB.

Learning objectives :

  • Understand the operations of an Information Security Management System based on ISO 27001;
  • Acknowledge the correlation between ISO 27001, ISO 27002 and other standards and regulatory frameworks;
  • Understand an auditor’s role to plan, lead and follow-up on a management system audit in accordance with ISO 19011;
  • Learn how to lead an audit and audit team;
  • Learn how to interpret the requirements of ISO 27001 in the context of an ISMS audit;
  • Acquire the competencies of an auditor to plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011.

Who should attend?

  • Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits;
  • Managers or consultants seeking to master an Information Security Management System audit process;
  • Individuals responsible for maintaining conformance with Information Security Management System requirements;
  • Technical experts seeking to prepare for an Information Security Management System audit;
  • Expert advisors in Information Security Management.
  • Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001:
    • Normative, regulatory and legal framework related to information security;
    • Fundamental principles of information security;
    • ISO 27001 certification process;
    • Information Security Management System (ISMS);
    • Detailed presentation of the clauses 4 to 8 of ISO 27001.
  • Day 2: Planning and Initiating an ISO 27001 audit:
    • Fundamental audit concepts and principles;
    • Audit approach based on evidence and on risk;
    • Preparation of an ISO 27001 certification audit;
    • ISMS documentation audit;
    • Conducting an opening meeting.
  • Day 3: Conducting an ISO 27001 audit:
    • Communication during the audit;
    • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation;
    • Audit test plans;
    • Formulation of audit findings;
    • Documenting nonconformities.
  • Day 4: Concluding and ensuring the follow-up of an ISO 27001 audit:
    • Audit documentation;
    • Quality review;
    • Conducting a closing meeting and conclusion of an ISO 27001 audit;
    • Evaluation of corrective action plans;
    • ISO 27001 Surveillance audit;
    • Internal audit management program.

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases;
  • Practical exercises based on a full case study including role playing and oral presentations;
  • Review exercises to assist the exam preparation;
  • Practice test similar to the certification exam.

To benefit from the practical exercises, the number of training participants is limited.

  • The “PECB Certified ISO 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts of information security;
    • Domain 2: Information Security Management System (ISMS);
    • Domain 3: Fundamental audit concepts and principles;
    • Domain 4: Preparation of an ISO 27001 audit;
    • Domain 5: Conducting an 27001 audit;
    • Domain 6: Closing an ISO 27001 audit;
    • Domain 7: Managing an ISO 27001 audit program.
  • The “PECB Certified ISO 27001 Lead Auditor” exam is available in different languages (trainers are fluent in English, French & Spanish);
  • The exam is available online, please refer to PECB Exams User Manual ;
  • Duration: 3 hours;
  • For more information about PECB Certified ISO 27001 exam and certification, refer to ISO 27001 Lead Auditor exam & certification .

Duration: 4 Days

Exam: Included

Certification : Yes

Next Course

ISO 27001 Lead Auditor
  • Location : Barcelona – Spain
  • Status : Scheduled
  • Language : Spanish / English


Tribe Loading Animation Image

Download Brochure

«I recommend this training for anyone looking to do a first experience as an ISO 27001 Internal Auditor.»

Claudia Wolf, Nagravision

«Trainers from Abilene Academy have large experiences on the field and sharing these experiences during their training is really a plus !»

«The Training Academy can benefit risk and information security managers in both public and private sectors to improve their organizations’ ability to meet their goals. The trainers are top notch and the venues, highly conductive to learning. Highly recommended!»

Andreas Tamberg, The Global Fund

«The course was very complete and relevant and helps to apprehend the training course purpose and meet the stated objectives.»

«The ISO 27001 Lead Auditor training was very insightful, as an IT professional it provides knowledge applicable to a wide range of topics.»

«Very nice training supported with well thought and well-prepared materials to proceed with the certification exam.»

«Provided training was very helpful in summarizing my previous knowledge and experience with the standard. Holding a certification will become a proof of it and I think it was a right choise to choose this provider.»

Anna Shevchuk

«It is great to challenge yourself with new knowledge. But I certainly would have never attended a second course with a company I would not feel confortable with.»

Enrico Neumann

«As I have done course in ISO27001 Lead Auditor- It was very much helpful in a way that it has given me whole new perspective to view from auditors point and to know about audit principles, process and procedures.»

Sai Kavya Bellamkonda

«The ISO 27001 Lead Auditor training is an enormous value add, whether you just start with auditing or if you are a seasoned auditor.»

Benjamin Williams, Philips

«Alexis knows the subject very well and manages to keep the training pleasant and lively. I especially enjoyed listening about his personal stories about working as an auditor and the many cases he encountered.»

Josselin Le Galludec, JCB International (France) SAS

«As an expert in my field, experienced in training for various companies, Abilene Academy training courses are for me among the most relevant because they combine, at a reasonable price, the excellence of the course content with that of a trainer who is always highly certfied & experienced. I also appreciate the rhythm of the course and its dynamism which allows me to master the subject matter.»

Frédéric Merland


ISO 27001 Lead Auditor
    Date: 1-4.Mar.2021
  • Location : Barcelona
  • Spain
  • Status : Scheduled
  • Language : Spanish / English


Tribe Loading Animation Image
ISO 27001 Lead Auditor
    Date: 8-11.Mar.2021
  • Location : LearnAnywhere ©️
  • Switzerland
  • Status : Scheduled
  • Language : French / English


Tribe Loading Animation Image
ISO 27001 Lead Auditor
    Date: 15-18.Mar.2021
  • Location : Paris
  • France
  • Status : Scheduled
  • Language : French


Tribe Loading Animation Image
ISO 27001 Lead Auditor
    Date: 29-1.Apr.2021
  • Location : Lyon
  • France
  • Status : Scheduled
  • Language : French


Tribe Loading Animation Image