


The ISO/IEC 27001 Lead Auditor training allows you to develop the expertise necessary to carry out an information security management system (ISMS) audit by applying widely recognized auditing principles, procedures and techniques.

During this training, you will acquire the knowledge and skills necessary to plan and carry out internal and external audits in accordance with the ISO 19011 and ISO/IEC 17021-1 certification processes.

Why should you participate?

Based on practical exercises, you will master audit techniques and the management of an audit program, an audit team, communication with clients and conflict resolution.

After acquiring the necessary expertise to carry out this audit, you can take the exam and apply for the title of “PECB Certified ISO/IEC 27001 Lead Auditor”. By holding a PECB Lead Auditor certificate, you will be able to demonstrate that you have the capabilities and skills necessary to audit organizations in accordance with best practices.

Who is the training for?

  • Auditors wishing to perform and lead information security management system (ISMS) certification audits

  • Managers or consultants wishing to master the audit process of an information security management system

  • Individuals responsible for maintaining compliance with information security management system requirements

  • Technical experts wishing to prepare for an information security management system audit

  • Expert advisers in information security management

Learning objectives

At the end of this training, participants will be able to:

  1. Explain the concepts and fundamental principles of an information security management system (ISMS) based on ISO 27001

  2. Interpret ISO 27001 requirements for an ISMS from an auditor's perspective

  3. Assess compliance of the ISMS with the requirements of ISO 27001, in accordance with the concepts and fundamental principles of auditing

  4. Plan, perform and close an ISO 27001 compliance audit, in accordance with the requirements of ISO/IEC 17021-1, ISO 19011 guidelines and other good audit practices

  5. Manage an ISO/IEC 27001 audit program

Pedagogical approach

  • This training is based on both theory and best practices used in ISMS auditing

  • Lectures are illustrated with examples based on a case study

  • The practical exercises are based on a case study which includes role plays and discussions

  • The practice tests are similar to the certification exam


A basic understanding of ISO/IEC 27001 and a thorough knowledge of auditing principles.

While not purely a ‘test prep’ course, these trainings are appropriate for professionals who plan to certify, as well as for those who want to deepen their data protection knowledge. Both the training and the exam are based on the same body of knowledge.
