IT Governance Service
ISO/IEC 27001 Lead Auditor
The ISO/IEC 27001 Lead Auditor certification consists of professional certification for auditors who are specialized in information security management systems (ISMS) based on the ISO/IEC 27001 standard.
The training of lead auditors generally includes a classroom/online training and exam portion and a requirement to have performed a number of ISO/IEC 27001 audits and a number of years of information security experience. Some ISO 27001 Lead Auditor training courses are formally accredited by training accreditation bodies such as IRCA and PECB. Attending the course and passing the exam is not sufficient for an individual to use the credentials of Lead Auditor as professional and audit experience is required. The specific requirements to obtain a certificate stating the qualification of "ISO27001 Lead Auditor" vary depending on the organization issuing the certificate.
THe Certification can help:• Avoid hefty fines. ISO 27001 is the accepted global benchmark for the effective management of information assets. • Protect your reputation. • Comply with business, legal, contractual and regulatory requirements. • Improve structure and focus. • Reduce the need for frequent audits.
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Acquire the competencies of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
A fundamental understanding of information security and privacy, and comprehensive knowledge of audit principles.
- Multiple choice examination questions
- 40 questions
- 30 marks required to pass (out of 40 available) – 75%
- 90 minutes’ duration
- Closed book