Certified ISO 27001 Lead Auditor Training Course – ISLF

The Information Security Leadership Forum's Certified ISO 27001 Lead Implementer Course is a 5-day, information-packed learning experience. Check out the day-by-day course curriculum and more details on this page.

Enrollment for our next available Certified ISO 27001 Lead Auditor Course, scheduled for June 26 - 30, 2023, closes at 5:00 PM on June 22, 2023.


Important Notes:

1. Training seats are limited, and we do not maintain a waiting list, as courses book up fast. As such, registration may close before the above time if the course is fully booked.

2. Registration closes at 5:00 PM (US Eastern) on the Thursday one week before the first day of each course, to allow time for us to send electronic versions of the courseware and mandatory communications to each student. The final registration date for each course is posted on the respective course registration page.

Who Should Take This Course?

  • Audit Managers and Auditors seeking to incorporate Information Security within the scope of their holistic audit program, and to demonstrate the required competence for the purposes of ISO 27001 certification.
  • Compliance Managers and staff seeking to incorporate Information Security within the scope of their holistic compliance program, and to demonstrate the required competence for the purposes of ISO 27001 certification.
  • Information Security professionals and managers involved in any aspect of the development, roll-out, operational maintenance, or conformity requirements of an ISO 27001-based Information Security Management System, seeking to understand the audit process and expectations.
  • Consultants looking to understand and support clients implementing an information security management system, specifically the strategy and policy & standards components.
  • Corporate / industrial / physical security specialists looking to understand the compliance dynamics of an information security program.
  • Technical IT specialists wanting to prepare for an Information Security function or for an ISMS project management function.
  • Data privacy specialists, attorneys and other specialists charged with responsibility for organizational information security in a regulated or service-based industry.

How Does the ISO 27001 Lead Auditor Course Relate to Me?

Select the role that best suits your situation.

(Disclaimer: these are not customer testimonials, but rather stories of real companies and situations to help you appreciate how this course may be seen or affect people in different roles. Names and details have been altered for privacy reasons.)

Schedule, Registration, and Cost

For specific dates and locations, please visit the Event Calendar view, or our Scheduled Events page.

Forum members receive an automatic $500 discount off the list price during checkout, as follows:

Live Online - Regular Price $3,495, member price $2,995

In Person - Regular Price $3,495, member price $2,995

Non-members are welcome to register at the standard list price noted in grey above.


1. On-site training class availability is subject to there being no local pandemic or protest / rioting restrictions. Where restrictions are in place, the course will revert to Live Online.

2. If an early registration or special discount has been offered for a course, but is no longer visible on the course registration page, then the offer has expired and is no longer available to redeem.

3. Member discounts are not stackable with non-member or any other discount offers.

Day One - Introduction and Audit Concepts, for Auditing an Information Security Management System (ISMS) based on ISO 27001

  • Course introduction
  • Normative, regulatory and legal framework related to information security
  • The Information Security Management System (ISMS)
  • Overview of ISO 27001 Management Controls
  • Fundamental audit concepts and principles
  • Evidence- and risk-based approach to auditing in an ISMS

Day Two - Setting Up an Internal Audit Program for ISO 27001 Compliance

  • Developing organizational ISO 27001 Internal Audit governance
  • Developing an ISMS audit plan
  • Developing audit program standard operating procedures
  • Documenting auditor competency requirements
  • Ongoing monitoring of auditors
  • Developing control-based audit test procedures
  • Auditing ISMS processes and procedures
  • Auditing ISMS policies and standards

Day Three - Conducting an ISO 27001-based Internal Audit

  • Audit planning and preparation
  • Developing the schedule and expectations for audit coordination meetings
  • Preparing for and leading the audit's opening meeting
  • Conducting interviews
  • Control testing
  • Evidence collection, analysis, corroboration and preservation
  • Documenting control reviews in the auditor's working papers

Day Four - The ISO 27001 Certification Process, Ongoing Management of Non-conformities

  • An overview of the ISO 27001 certification life-cycle
  • Engaging a certification body for ISO 27001 certification
  • Pre-audit preparation
  • Documenting and communicating non-conformities
  • Reviewing the management response to non-conformities
  • Audit working paper preparation and submission
  • Preparation and communication of the certification recommendation to the certification body
  • Certification decision and decision process
  • Granting and use of certification
  • Monitoring and tracking non-conformities
  • Certification surveillance auditing
  • Re-certification

Day Five - Practical & Written Certification Exams

  • Morning: 3-hour written exam
  • Afternoon: Practical Exam - Formal presentation of the internal audit of the ISMS to the organization's Board of Directors


1. Both the written and practical exams are mandatory in order to meet the certification requirements set out by the Information Security Leadership Forum, this course's certifying body.

2. Formal business attire is mandatory for your practical exam. Please be sure to pack / dress appropriately. Men are required to wear a jacket and tie, and women the equivalent.

Learning Objectives

When designing our Certified ISO 27001 Lead Auditor Course, great care is taken to identify the key areas the course must focus on in order to ensure students achieve the goals the course was set up to accomplish. These learning objectives are highlighted as follows:

Achieve an in-depth understanding of the ISO 27001 certification process.

Master the concepts, approaches, standards, methods and techniques required for the effective planning, design, development, implementation and maintenance of an ISO 27001-based information security audit program.

Gain an expert-level understanding of how to engage stakeholders in the ISO 27001 audit process.

Develop the expertise to perform and lead an ISO 27001-based audit of an organization.

Master the development of an Internal Audit Program to support the compliance requirements of the ISO 27001 standard.

What You Get!

What each student will receive:
  • A copy of all slides presented during the class
  • A certificate of completion awarding 35 Continuing Professional Development (CPD) units
  • A free Professional membership with the Information Security Leadership Forum (a $95 value)
  • A Student Information Package (SIP) with study tips and other helpful and insightful information for the course and exam
  • An exam and certification application voucher

Certification Exam Information

What you need to know:
  • There are two exams for this course, a practical and a written exam. Students are required to achieve a minimum passing grade in both in order to qualify for certification.
  • The written exam is completed within 3 hours on Friday morning and is in a multiple-choice format. The exam begins punctually at 9:00 AM and ends at 12:00 PM. As such, students must arrive no later than 8:30 AM, at which time the exam instructions will be read to the class and students may ask any final questions. This exam is an open-book exam.
  • The practical exam is completed Friday afternoon with a live presentation to a panel of guest executives (CISO, CIO, CFO, COO, CEO, etc.).
  • All students are required to sign a non-disclosure agreement prior to commencement of the exam, attesting that they will not disclose or discuss anything related to either the practical or written exams with any other person(s).
  • Students must bring (1) a copy of their student registration, and (2) at least one state / provincial or federal government-issued identification card, both of which must be presented upon entering the examination room. Entrance will not be permitted without both.

Special Notes

  • In the ticket selection for our courses, "member" versus "non-member" tickets refers to whether the individual registering for the course is an active member of the Information Security Leadership Forum in good standing at the time of course registration. Information Security Leadership Forum members receive a significant discount that exceeds the value of membership. If you're not yet a member and want to take advantage of member-only discounts, please sign up for a membership now.
  • Students will receive a discount code for a free membership with the Information Security Leadership Forum. This code is only valid for use by the registered student. Students must register and set up an account at least one week prior to the beginning of their course, as there may be pre-course work that must be completed, as well as messages from the instructor.
  • Students are prohibited from recording (audio or video) any session(s), or portions of any session, whether the student is attending a classroom-based or online version.
  • All student material for this course will be provided on or before the first day of training by the course instructor via the Information Security Leadership Forum's Online Training Portal. All course material is copyright protected, and students are prohibited from making any unauthorized electronic or printed copies, or redistributing it to any person or entity.
  • Students are required to sign a non-compete clause, stating that they will not take this course and use the material to create a competing training offering, nor support or participate with any other entity to create and offer a similar commercial fee-based or free offering.
  • Students must bring with them, or otherwise have readily accessible, a copy of their course registration with barcode (printed or electronic format), which will be used to take daily attendance on the course. Anyone failing to have this information will be refused access.
  • Students understand that they are individually required to comply with any and all government regulations and restrictions, or those imposed by an event venue, that are in place or may be imposed within the jurisdiction where this training is scheduled to take place, as they relate to non-resident visas, pandemic outbreaks, protests or other emergency situations.
  • CIMA, the Information Security Leadership Forum, affiliate training delivery partners, and venue organizations and their staff shall not be responsible for provisioning, or assisting in the provisioning of, any item needed by a student registered for training with us to comply with any government-imposed requirements. All students are required to plan for and bring with them, or make arrangements for the provisioning of, any and all items that may be required for such situations, e.g. a facial mask, evidence of virus testing, a non-resident visa, etc.


Certification training hosted by the Information Security Leadership Forum is developed, maintained and delivered by the Center for Information Management and Assurance, the Forum's official certification training partner.
