Information Security Lead Auditor FR · ES · EN

ISO/IEC 27001 Lead Auditor

Gain the skills to plan and lead audits of an Information Security Management System (ISMS) compliant with ISO/IEC 27001, along with the audit techniques of ISO 19011. The key credential for internal and external auditors.

5 days of training
Lead · advanced level
FR · ES · EN official material
Official PECB exam incl.

Who is this course for?

  • Internal and external auditors who want to prove their ISO 27001 competence
  • Consultants who want to offer audit services to their clients
  • Security managers who oversee audits of their ISMS
  • Professionals who want to combine implementation and auditing (a complete profile)

What you'll gain

  • The PECB Certified ISO/IEC 27001 Lead Auditor credential, recognised internationally
  • The ability to plan and lead full audits of an ISMS
  • Command of audit techniques (ISO 19011) and the management of findings
  • A profile in high demand among consultants and certification bodies

Course programme

Day 1 · ISMS fundamentals and audit principles
  • Concepts of ISO/IEC 27001 and the ISMS
  • Audit principles and types; ISO 19011 and ISO 17021 standards
  • Risk-based approach to auditing
Day 2 · Preparing an ISO 27001 audit
  • Audit initiation and documentation review
  • Audit plan and preparation of on-site activities
  • Preparation of working documents
Day 3 · Conducting the audit
  • Communicating audit results and collecting evidence
  • Sampling techniques and interviews
  • Drafting findings and non-conformities
Day 4 · Closure, follow-up and audit programme management
  • Audit report and closing meeting
  • Corrective actions and follow-up
  • Managing an audit programme
Day 5 · Certification exam
  • Review and mock exam
  • Official "PECB Certified ISO/IEC 27001 Lead Auditor" exam (3 hours)

Exam, credits & certification

3 h
Duration of the official PECB exam
31 CPD
Continuing Professional Development credits awarded by the course
Included
Exam, marking and first issue of the certification, included in the price

After passing the exam, you can apply for the "PECB Certified ISO/IEC 27001 Lead Auditor" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing on the first try is no longer a source of pressure. The CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.

Your trainer

Ricardo Coronel Lemus, PECB trainer

Practising GRC / vCISO consultant · PECB Certified Trainer (CT6496)

More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. I don't approach standards theoretically: I apply them day to day with real clients — that's what I bring to my coaching and exam preparation.

ISO 27001 Lead Auditor / Lead Implementer · CISSP · CISM · CRISC · CCISO · DORA Lead Manager · PCI DSS - PCIP

Frequently asked questions

Do I need any prerequisites?
No formal prerequisites are required. A basic familiarity with ISO 27001 (for example the Foundation level) is recommended, but not mandatory.
What language is the exam in?
The official PECB exam for this course is available in French, Spanish and English. Coaching is delivered in English to prepare you as effectively as possible.
What is the difference between Self-Study and Self-Study + Coaching?
Self-Study gives you the official material, the exam and the certification so you can progress at your own pace. The coaching option adds one-to-one sessions with me, real-world case studies and guided exam preparation: I support you until you feel ready to get certified.
What if I don't pass the exam?
The PECB exam includes 2 attempts: the first plus a free retake usable within the following 12 months. A failure therefore doesn't leave you stranded. What's more, with the coaching option we prepare for the exam together with mock exams so that you arrive with confidence.
Is it useful for NIS2?
Yes. ISO 27001 covers a very significant part of the NIS2 requirements (risk management, incidents, continuity, access control). It's the best starting point while we prepare the dedicated NIS2 course.

Ready to get certified as a Lead Auditor?

Choose your option above and enrol online. Have a question or need some advice? Write to me or book a call.