ISO 27001 Certification
Lead Auditor

This course enables participants to develop the expertise required to audit an Information Security Management System (ISMS) and manage a team of auditors through the application of generally accepted audit principles, procedures and techniques. During this training, the participant acquires the skills and competencies required to plan and conduct internal and external audits effectively and in accordance with the ISO 19011 and ISO 17021 certification process. Through practical exercises, the participant develops the skills (mastery of audit techniques) and competencies (team and audit program management, client communication, conflict resolution, etc.) necessary to effectively conduct an audit.

If you would like to take this course by distance learning, click on the “Distance learning” button to find out more about the program.

Course overview

  • Acquire the expertise to perform an ISO 27001 internal audit following the ISO 19011 guidelines
  • Acquire the expertise to manage a team of ISMS auditors
  • Understand how an ISMS works according to ISO 27001
  • Improve the ability to analyze the internal and external environment of an organization, assess audit risks and make decisions in the context of an ISMS audit.

Course Curriculum

Day 1: ISO normative model and Management System

  • ISO 27001 Certification Process
  • Fundamentals of information security
  • Information Security Management System

Day 2: Plan and initiate an ISO 27001 audit

  • Fundamental audit principles and concepts
  • Evidence-based and risk-based audit approach
  • Preparing for an ISO 27001 certification audit

Day 3: Conducting the certification audit

  • Leading the audit team
  • Communication during the audit
  • Interviews and evidence gathering
  • Sharing findings with the auditees

Day 4: After the audit

  • Formulation of audit findings
  • Drafting of the report
  • Follow-up of non-compliance issues
  • Management of the audit program
  • Relationship with the training organization
  • Revisions

Method of Assessment

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam is held on the 5th day of the course and lasts 3 hours. The exam covers the following competency areas:

  • Domain 1: Fundamental Information Security Principles and Concepts
  • Domain 2: Audit concepts and fundamentals
  • Domain 3: Preparing for an ISO 27001 audit
  • Domain 4: Conducting an ISO 27001 audit
  • Domain 5: Closing an ISO 27001 audit

Training benefits

This training is based on alternating theoretical and practical sessions:

  • Lectures illustrated with examples from real cases
  • Classroom exercises to help prepare for the exam
  • Practical tests similar to the certification exam

To ensure that the practical exercises run smoothly, the number of participants in the training is limited.

Who should attend?

  • Auditors wishing to carry out and lead Information Security Management System certification audits
  • Managers or consultants wishing to master the Information Security Management System audit process
  • Any person responsible for maintaining compliance with ISMS requirements
  • Technical experts wishing to prepare an audit of the Information Security Management System
  • Advisors specialized in information security management

Entry Requirements

  • Have knowledge of the ISO/IEC 27001 standard
  • Have a good knowledge of information systems security

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 10 working days before the start of the training.

Accessibility

Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need accommodations or adaptations to the content, the course materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.

To go further

This training course is designed to prepare you for the following training courses:

Duration

4.5 days (31 hours)

Price

€3450 excl. tax.

Meal

Breakfast & lunch included

Financing

OPCO support

Course overview

  • Acquire the expertise to perform an ISO 27001 internal audit following the ISO 19011 guidelines
  • Acquire the expertise to manage a team of ISMS auditors
  • Understand how an ISMS works according to ISO 27001
  • Improve the ability to analyze the internal and external environment of an organization, assess audit risks and make decisions in the context of an ISMS audit.

Course Curriculum

Session 1: Standards, regulatory frameworks and certification processes

  • Standards and regulatory frameworks
  • Certification process

Session 2: Information Security Fundamentals and Principles

Session 3: Information Security Management System

Session 4: Fundamental concepts and principles of the audit

  • Concepts and principles of the audit
  • Impact of trends and technology in auditing

Session 5: Audit Basics

  • Evidence-based audit
  • Risk-based audit

Session 6: Initiation and first stage

  • Initiation of the audit process
  • Stage 1 of the audit

Session 7: Preparing and carrying out stage 2

  • Preparation for stage 2 of the audit
  • Stage 2 of the audit

Session 8: Communication during the audit

Session 9: Audit procedures

  • Audit procedures
  • Creation of audit sampling plans

Session 10: Audit report and closure

  • Drafting reports of audit findings and non-compliance
  • Audit documentation and quality review
  • Closing the audit

Session 11: After the audit

  • Evaluation of action plans by the auditor
  • After the initial audit

Session 12: Audit and certification program

  • Internal audit program
  • People certification program

Planning principle

  • 24 hours of lessons with the trainer, divided into 12 sessions of 2 hours each.

Weekly schedule (Monday to Friday):

  • Week 1: Introduction, Session 1, Session 2, Session 3
  • Week 2: Session 4, Session 5, Session 6, Session 7, Session 8
  • Week 2: Session 9, Session 10, Session 11, Session 12

Method of Assessment

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam is held in a slot chosen by the candidate from several options, within a maximum period of one year after the training; it lasts 3 hours and consists of single-choice questions.

The exam covers the following skill areas:

  • Domain 1: Fundamental principles and concepts of the Information Security Management System
  • Domain 2: Information security management system (ISMS)
  • Domain 3: Fundamental principles and concepts of auditing
  • Domain 4: Preparing for an ISO/IEC 27001 audit
  • Domain 5: Carrying out an ISO/IEC 27001 audit
  • Domain 6: Closing an ISO/IEC 27001 audit
  • Domain 7: Managing an ISO/IEC 27001 audit program

Training benefits

  • Training provided by a cybersecurity expert
  • An intuitive and easy-to-use platform
  • Moments of exchange on key concepts and sharing of experiences adapted to the context of the learners
  • A training pedagogy adapted to all learning profiles

Who should attend?

  • Auditors wishing to carry out and lead Information Security Management System certification audits
  • Managers or consultants wishing to master the information security management system audit process
  • Any person responsible for maintaining compliance with ISMS requirements
  • Technical experts wishing to prepare an audit of the Information Security Management System
  • Advisors specialized in information security management

Entry Requirements

  • Have knowledge of the ISO/IEC 27001 standard
  • Have a good knowledge of information systems security

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 10 working days before the start of the training

Accessibility

Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need accommodations or adaptations to the content, the course materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.

To go further

This training course is designed to prepare you for the following training courses:

Duration

35 hours

Price

€2400 excl. tax.

Financing

OPCO support
