
ISO-I 110 - ISO 27001:2013 Information Security Management System (ISMS) Lead Auditor

Code        Start Date          Duration    Venue
ISO-I 110   23 October 2023     5 Days      Istanbul
ISO-I 110   18 December 2023    5 Days      Istanbul
Please contact us for fees


Course Description

This course is certified by the Chartered Quality Institute (CQI) and International Register of Certificated Auditors (IRCA) and meets the training requirements for initial certification as an IRCA ISMS Auditor.

This training will provide participants with the knowledge and skills needed to fulfil their role as a fully trained Lead Auditor of ISO 27001 Information Security Management Systems.

The course includes the 2-stage audit approach for the certification of Information Security Management Systems (ISMS), in conformity with the ISO/IEC 17021 standard.

This course is aligned with ISO 19011, the guideline on auditing management systems.

It is conducted in cooperation with TTM Istanbul. (CQI | IRCA Course ID: 1728)

Course Objectives

  • Giving background knowledge of audits and the audit process in accordance with ISO 19011 and ISO 17021
  • Understanding the relevant skills, knowledge and confidence to plan, carry out, report and follow up on 1st, 2nd and 3rd party information security management system audits in accordance with ISO 27001
  • Discussing the experience of the various stages of the audit through role plays, evening assignments and simulated auditing exercises based on a case study

Who Should Attend?

  • Internal auditors, auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • Persons responsible for ISO 27001 conformity in an organization
  • Members of an information security management team
  • Expert advisors in Information Security Management

Course Details/Schedule

Day 1

  • Basic concepts and terminology of information security management
  • Introduction to the ISO 27000 family standards 
  • PDCA cycle and its relation to ISMS
  • Documented Information
  • Accreditation and Certification

Day 2

  • Audit Types
  • Audit Objectives & Scope & Criteria
  • Audit Roles & Responsibilities
  • Audit Process
  • Resource Provision for Audits

Day 3

  • Stage 1 Audit Plan 
  • Use of Checklists
  • Stage 2 Audit Process
  • Information Collection & Sampling

Day 4

  • Auditor Behaviour
  • Stage 2 Audit Role Play
  • Audit Review
  • Identifying and Reporting Nonconformities

Day 5

  • Closing (Completing) the Audit
  • Reporting the Audit
  • Follow-up & Surveillance Activities
  • Examination