ISO 27001 ISMS Lead Auditor Course

CQI and IRCA Certified ISMS Auditor Training courses will equip you with the knowledge and skills to assess organisations’ information security management systems to ISO 27001.

The course teaches you the management systems approach to identifying and managing information security risks, the requirements of ISO 27001, and how to plan, complete and report the audit of an entire ISMS.

This course includes a 2-hour written examination.

Duration: 5 Days

Who Should Attend

This course is for those intending to acquire the competence to audit an organisation’s ISMS to meet the requirements of ISO 27001, as either a third-party or second-party auditor. Successful completion of this course meets the requirement for certification as an Auditor on IRCA’s ISMS Scheme.

Course Benefits

This course satisfies the formal training requirements for those wishing to register with the CQI and IRCA Certified ISMS auditing scheme.

This training course will help delegates perform value-added audits and develop a wider understanding of the development and implementation of information security management systems. Delegates will gain an understanding of the level of performance required for implementing a successfully certified ISMS and how to assess against the ISO 27001 standard. It will help delegates to develop essential conceptual skills including risk-based thinking, continual improvement, life-cycle thinking, and process-based approaches.


  • Introduction to Information Security
  • Detailed content of ISO 27001:2013
  • Information security management principles, vocabulary and ISO 27001 requirements
  • Similarities with other management systems standards
  • Information Security Management Issues including operational control
  • Information Security Audit Skills
  • Practical exercises and feedback
  • Stage 1 audit (including document review)
  • Audit planning
  • Process auditing and audit skills
  • Writing NC reports and audit reporting
  • Audit follow up