Course details
Day 1: Introduction to Information Security Management System (ISMS) concepts
Normative, regulatory and legal framework related to Information Security
Fundamental principles of Information Security
The ISO/IEC 27001:2013 certification process
The Information Security Management System (ISMS)
Detailed presentation of clauses 4 to 8 of the ISO/IEC 27001:2013 standard
Day 2: Planning and Launching an ISMS audit
Fundamental concepts and principles of auditing
Audit approach based on evidence and on risk
Preparation of an ISO/IEC 27001:2013 certification audit
Documentation of an ISMS audit
Conducting an opening meeting
Day 3: Conducting an ISO 27001 audit
Communication during the audit
Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
Drafting test plans
Formulation of audit findings
Drafting of nonconformity reports
Operations management of an ISMS
Day 4: Concluding and ensuring the follow-up of an ISO 27001 audit
Audit documentation
Quality Review
Conducting a closing meeting and Conclusion of an ISO/IEC 27001:2013 audit
Evaluation of corrective action plans
Surveillance Audit
Audit management program
Day 5: Exam
Prerequisites
ISMS Foundation Training or a basic knowledge of ISO/IEC 27001:2005 and ISO/IEC 27002:2013 is recommended
Educational approach
This training is based on both theory and practice:
Sessions of lectures illustrated with examples based on real cases
Practical exercises based on a full case study, including role playing and oral presentations
Review exercises to assist the exam preparation
Practice test similar to the certification exam
Examination and certification
The “Certified ISO/IEC 27001 Lead Auditor” exam fully meets the
requirements of the PECB Examination and Certification Programme (ECP). The
exam covers the following competence domains:
Domain 1: Fundamental Principles and Concepts of Information Security
Domain 2: Information Security Management System (ISMS)
Domain 3: Fundamental Audit Concepts and Principles
Domain 4: Preparation of an ISO 27001 audit
Domain 5: Conducting an ISO 27001 audit
Domain 6: Closing an ISO 27001 audit
Domain 7: Managing an ISO 27001 audit program
The “Certified ISO/IEC 27001 Lead Auditor” exam is available in different languages (the complete list of languages can be found in the examination application form)
Duration: 3 hours
For more information about the exam, refer to the PECB section on ISO 27001 Lead Auditor.
After successfully completing the exam, participants can apply for the credentials of Certified ISO/IEC 27001 Provisional Implementer, Certified ISO/IEC 27001 Implementer or Certified ISO/IEC 27001 Lead Implementer, depending on their level of experience.
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. For more information about ISO 27001 certifications and the PECB certification process, refer to the PECB section on ISO 27001 Lead Auditor.
General Information
Certification fees are included in the exam price
A student manual containing over 450 pages of information and practical examples will be distributed to participants
A participation certificate of 31 CPE (Continuing Professional Education) credits will be issued to participants
In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions