* Dual Certification Program *

Summary | Cost | Why ISLF | Who | Objectives | What You Get | Notes | Agenda | Exam


CISPCM Cert Badge PrintThe Certified Information Security Program Compliance Manager (CISPCM™) course is a four-day information packed learning experience designed to develop a level of competence to support the internal and external compliance management of an organizational Information Security Program for defined controls under ISO 27001, as well as additionally mandated control under the mandatory Legal & Regulatory review requirement of the standard. Drawing upon best practices from ISO 27001 and ISO 19011, students will learn the fundamental requirements to build internal compliance and audit programs and perform a certification audit.

To develop a well rounded understanding of the standard’s expectations, students will be familiarized with the supplementary guidance offered by ISO using ISO 17021, ISO 27024 ,ISO 27002, ISO 27006, ISO 27007, and more.


The course will be offered as an intense four-day course at seminars hosted by accredited Training Partners.

Why ISLF Training

The Certified Information Security Governance Leader training’s development was led by experienced international ISO certified instructors with years of implementation, audit as well as, training development and delivery experience. The ISLF training program is unique in that the ISLF establishes the training and certification scheme, and the training material. How do we differ from other offerings you might find out on the market:

  • We offer high-demand certification training at accessible prices
  • Our training courses are based on an official study guide
  • We minimize out of office time, by offering course reading assignments.
  • Courses are developed based on standards developed by the ISLF, which includes a course training standard (scheme) and exams.
  • Our industry leading exam pass guarantee – If you don’t pass, you can attend another session of the course within the next 12 months for free to help you get prepared to rewrite the exam.
  • Our instructors go through a rigorous screening and training process, resulting in the assignment of the credential as an ISLF Certified Instructors

Who Should Take This Course?

  • Compliance Managers and staff seeking to incorporate Information Security within the scope of their holistic compliance program, and demonstrate required competence for the purposes of ISO 27001 certification.
  • Auditor Managers and Auditors seeking to incorporate Information Security within the scope of their holistic audit program, and demonstrate required competence for the purposes of ISO 27001 certification.
  • Information Security professionals and managers involved in any aspect of the development, roll-out or operational maintenance of an Information Security Program.
  • IT Managers and professionals, Project Managers, and consultants wanting to prepare and to support an organization in the implementation or maintenance of an Information Security Program.
  • Auditors who want to understand and be able to demonstrate competence in an Information Security Management System implementation
  • Persons responsible for information security or its conformity in an organization
  • Consultants looking to understand and support clients implementing and information security management system and specifically the strategy and policy & standards components.
  • Corporate / industrial / physical security specialists
  • Technical experts wanting to prepare for an Information Security management function or for an information security project management role
  • Attorneys supporting the legal aspects of an information security program

Learning Objectives

  • Understand the requirements for information security compliance (including internal and external audit) mandated by the ISO 27001standard, including those mandated under legal and regulatory requirements, and general best practices.
  • Master the concepts, approaches, standards, methods and techniques required for the effective planning, design, development, implementation and maintenance of information security compliance.
  • Understand how to engage stakeholders in the process to secure their buy-in and support.
  • Develop the expertise to identify legal and legislative requirements mandated for your organization’s compliance.
  • Master the approach to collate and organize the high volume of requirements, and develop a structured compliance framework to build upon.

What You Get!

Students will receive:

  1. a copy of all slides presented during the class;
  2. a certificate of completion awarding 27 Continuing Professional Development (CDP) units;
  3. A Student Information Package (SIP) with study tips and other helpful and insightful information for the course and exam; and
  4. An exam and certification application voucher.


  • Student are prohibited from recording any session(s).
  • Prior to the course, students will be enrolled by their assigned instructor in the ISLF’s Learning Center and receive per-course reading assignments. It will be assumed at the beginning of the course, these reading assignments have been completed.
  • All student material for this course will be provided in electronic format. All material will be sent to the student prior to the first day of the course. Due to courses being continually updated, it is typically delivered within the two weeks prior to the course commencement.


Course Agenda

Day 1 – Introduction and Planning for the Audit and Certification of an Information Security Management System (ISMS) based on ISO 27001

  • Normative, regulatory and legal framework related to information security
  • Fundamental principles of information security
  • The ISO 27001 certification process
  • The Information Security Management System (ISMS)
  • Detailed presentation of the clauses 4 to 8 of the ISO 27001 standard
  • Fundamental audit concepts and principles
  • Audit approach based on evidence and on risk
  • Preparation of an ISO 27001 certification audit
  • Documenting of an ISMS audit
  • Conducting an opening meeting

Day 2Conducting an ISO 27001 Audit

  • Communication during the audit
  • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
  • Drafting test plans
  • Formulation of audit findings
  • Drafting of nonconformity reports

Day 3 – Concluding and ensuring the follow-up of an ISO 27001 audit

  • Audit documentation
  • Quality review
  • Conducting a closing meeting and conclusion of an ISO27001 audit
  • Evaluation of corrective action plans
  • Surveillance audit
  • Audit management program
  • Internal audit and second party audit

Day 4 – Exam



General Exam Information

This course satisfies the standards and requirements set-out by the accrediting authority, the Information Security Leadership Forum.

The exam is taken by students on the final day of training between the hours of 9:00 AM – 12:00 PM local time. It is composed of a combination of multiple choice and essay questions, and is administered as an open book exam.

Students are required to arrive no later than 8:30 AM to receive exam instructions and final information, and will have three-hours to complete it.

The only items students may have with them during the exam are: pens, food and drink, the student binder, a dictionary, and the exam itself. All electronic devices, backpacks, purses, and other personal items must be stored at the front of the classroom during the exam.

Exam Results

Students will receive official exam results, typically within one week from the exam date.

* Please note, we do not disclose any additional details on the exam, including number of questions, percentage or weighting based on training content, or any other details.

Terms & Conditions

  • Students are prohibited from recording (audio or video) any session(s), or portions of any session.
  • Students will receive a discount code for a free membership with the Information Security Leadership Forum. This code is only valid for use by the registered student. Students must register and setup an account prior to the commencement of the course.
  • Unless otherwise specified, meals and lodging are not included in the fee, nor provided by the organizer during the course.
  • The organizer reserves the right to cancel, change the dates and location, including converting the course to 100% online.
  • The organizer is not responsible for any travel or other expense incurred by a student.
  • All sales are final. There are no refunds, exchanges, or student substitutions.


  1. Already ISO 27001 Auditor Certified? If you have an existing active certification with another recognized certification authority and would like to convert over to an ISLF certification, you may elect to challenge our exam for a fee of $30 + $100 for your first year’s certification maintenance fee.
  2. Have the extensive experience but no training, and want to challenge the exam? If you already meet the certification experience criteria and want to challenge the exam, we’re happy to accommodate. You can purchase an exam voucher and application fee ($500) and sit for an exam without taking the training. We strongly recommend, before taking this option, you purchase ($150) a copy of the course study guide and review it in detail. To challenge the exam, you must take the exam in person on the last day of one of an official onsite course.