Training

ISO 27001:2022 certified ISMS lead auditor

Gain the skills to deliver external certification and supplier audits against ISO 27001:2022.

In partnership with IT Governance

  • Online or in person
  • Five days
  • £1,750 + VAT

This course will be held on:

  • 03–07 February 2025
    • Online or in person
    • 10:00 – 17:00
  • 03–07 March 2025
    • Online
    • 10:00 – 17:00

Course times

This course takes place over five days, with sessions running:

  • Day one: 10:00 – 17:00
  • Day two: 9:15 – 17:00
  • Day three: 9:15 – 17:00
  • Day four: 9:15 – 17:00
  • Day five: 9:15 – 13:30

Please note: these dates are to join a public run of this course, provided by IT Governance. Upon booking you can specify if you'd prefer to join in person or online.

If you'd prefer to join a Jisc member-only run, please email training@jisc.ac.uk.

About

ISO/IEC 27001:2022 is the newest version of ISO 27001, published in October 2022. While not significantly different from the previous standard, ISO 27001:2022 has notable changes that include scoping, planning, operation and performance evaluation, and a revised Annex A.

This accredited practitioner-led course will teach you:

  • The skills to conduct second-party (supplier) and third-party (external and certification) ISMS (information security management system) audits
  • How to lead a team of auditors and gain the skills to achieve compliance with ISO 27001
  • How to competently manage an ISMS audit programme
  • The best-practice audit methodology based on ISO 19011, allowing you to master audit techniques

Who should attend

This course is aimed at individuals who want a globally recognised ISO 27001 lead auditor qualification to further their careers. It is also designed for managers responsible for implementing and maintaining an ISO 27001-compliant ISMS, such as:

  • IT/information security managers
  • Compliance auditors
  • GDPR consultants
  • IT/information security consultants
  • Cyber security consultants
  • Heads of IT
  • Information and risk managers
  • Information security analysts
  • Information security officers
  • Internal auditors
  • ISMS managers

This course is only available to Jisc members.

What we cover

  • An overview of the structure and major requirements of ISO/IEC 27001:2022
  • An overview of the audit process used by certification bodies
  • The purpose, benefits and core principles of effective auditing
  • Common auditing terms and definitions
  • Critical skills required for performing an audit
  • Best-practice audit methodology based on ISO 19011
  • How to establish, maintain and manage an audit programme
  • How to plan, conduct, report, summarise and follow up on an audit
  • Effective interviewing techniques and observation skills
  • How to use audits to identify nonconformities and ensure appropriate corrective action is taken
  • How to assess and evaluate the competence of auditors
  • Accredited certification audit specifics
  • How the audit process is used in first-, second- and third-party audits
  • How to apply continual improvement of the ISMS

What’s included in this course?

  • Full course materials (digital copy provided as a pdf file)
  • The ISO 27001:2022 certified ISMS lead auditor exam
  • A certificate of attendance

Training outcomes

Qualification: Successfully completing the course and included exam awards the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification.

The ISO 27001 lead implementer exam qualification needs to be re-certified every 3 years.

Pricing and eligibility

  • Jisc institutional members and those from the education and research sector: £1,750 + VAT

Please note, you are requesting a place on a public run of this IT Governance course so we are unable to provide refunds for cancellations.