Bluezone InfoSeq
Bluezone Academy

Upskill Yourself with ISO Training

ISO 27001:2022 Lead Auditor Training

Information Technology-security Techniques- Information Security management systems- Requirements

EXEMPLAR GLOBAL Approved Lead Auditor Training Program

Course Overview

  • Familiarize yourself with latest ISO/IEC 27001:2022 requirements.
  • Know what has changed in the new standard.
  • Get an overview of ISO/IEC 27001:2022 standard and the benefits of certification.
  • Know about the Information security system controls for treating information security risks.
  • Understand ISO/IEC 27001:2022 documentation, including ISMS manual list of procedures and records, and how to check them as a lead auditor.
  • Know about the types of auditing and questioning techniques.
  • Understand how to perform and/or lead certification audits with the use of audit checklists.
  • Understand the concepts of risk management, risk evaluation and treatment
  • Understand the components and format of Statement of Applicability (SOA)
  • Get confidence to conduct opening and closing meetings during any audit
  • Know about the types of nonconformities and how to close them
  • Enable yourself to lead an audit team for ISO/IEC 27001:2022 certification audits.

Course Coverage & Benefits

  • Overview of ISO/IEC 27001:2022 Information Security Management System
  • Terms and Definitions
  • ISO/IEC 27001:2022 Requirements
  • ISO/IEC 27001:2022 ISMS Controls
  • Documented Information
  • Risk Management (includes risk assessment and risk treatment)
  • ISMS Internal Audit Process
  • Roles & Responsibilities
  • Performing an ISMS Audit
  • Nonconformity and Corrective Action
  • Incident Management Process
  • Business Continuity Plan & Disaster Recovery Plan
  • Business Impact Analysis
  • The principles, techniques, and types of auditing
  • To get familiar with analysing and evaluating various risks
  • To launch and implement an ISMS in an organisation
  • Statement of Applicability (SOA)
  • Summary of the changes to ISO 27001 and ISO 27002
  • Auditing the new, the merged and the renamed controls
  • Auditing an upgraded ISMS
  • Information technology, security techniques and security management systems
  • Auditing an ISMS that protects information assets such as financial data, customer records and proprietary corporate information
  • Be prepared for a successful third party ISO/IEC 27001 assessment
  • Be able to audit according to internationally recognized best practice (ISO 19011:2018)
  • Network with like minded peers
  • Develop professionally and gain a recognized qualification

© 2025, Bluezone Infoseq