ISO/IEC 27001:2022 Lead Auditor Training Live-Online (4-Day)

This four day course was developed to cover all requirements of the ISO/IEC 27001:2022 standard. The course includes definitions from ISO/IEC 27000:2018 (Information Security Management Systems – Overview and Vocabulary), Guidance from ISO/IEC 27003:2017 (Information Security Management System Implementation and Guidance). Group exercises and case studies will be used to develop the required skills.

Learning Objectives:

  • Understand the application of Information Security
  • Management principles in the context of ISO/IEC 27001:2022
  • Relate the Information Security Management system to the organizational products, services, activities and operational processes.
  • Relate organization’s context and interested party needs and expectations to the planning and implementation of an organization’s Information Security Management system.
  • Understand the application of the principles,
    procedures and techniques of auditing.
  • Understand the conduct of an effective audit in the context of the auditee’s organizational situation.
  • Understand the application of the regulations, and other considerations that are relevant to the management system, and the conduct of the audit.
  • Practice personal attributes necessary for the effective and efficient conduct of a management system audit.
  • Establish, plan and task the activities of an audit team.
  • Communicate effectively with the auditee and audit client.
  • Organize and direct audit team members.
  • Prevent and resolve conflict with the auditee and/or within the audit team.
  • Prepare and complete the audit report.
  • Fundamentals of Information Security Management Systems (ISMS)
  • Information Security
  • What is an Information Security Management System (ISMS)
  • The ISO/IEC 270000 Fundamentals and Vocabulary
  • The ISO/IEC 270001 ISMS Described
  • ISO/IEC 27001:2022 Requirements Descriptions
  • ISO/IEC 27001:2022 Clauses
  • Annex A
  • The Process Approach
  • Risk-based Thinking
  • ISMS Risks
  • ISMS Risk Assessment
  • ISMS Risk Treatment
  • ISO/IEC 27001 Clause 4 – Context of the Organization
  • Group Exercise 1: Context of the Organization
  • ISO/IEC 27001 Clause 5 – Leadership
  • ISO/IEC 27001 Clause 6 – Planning
  • Group Exercise 2: Assessing and Evaluating Risk
  • ISO/IEC 27001 Clause 7 – Support
  • ISO/IEC 27001 Clause 8 – Operation
  • ISO/IEC 27001 Clause 9 – Performance Evaluation
  • ISO/IEC 27001 Clause 10 – Improvement
  • ISO/IEC 27001 Annex A
  • Group Exercise 3: Annex A – Required Elements and Risk Treatments
  • Understanding ISMS Final Exam

Privacy Preference Center