ISO/IEC 27001 Lead Auditor
Gain the skills to plan and lead audits of an Information Security Management System (ISMS) compliant with ISO/IEC 27001, along with the audit techniques of ISO 19011. The key credential for internal and external auditors.
Who is this course for?
- Internal and external auditors who want to prove their ISO 27001 competence
- Consultants who want to offer audit services to their clients
- Security managers who oversee audits of their ISMS
- Professionals who want to combine implementation and auditing (a complete profile)
What you'll gain
- The PECB Certified ISO/IEC 27001 Lead Auditor credential, recognised internationally
- The ability to plan and lead full audits of an ISMS
- Command of audit techniques (ISO 19011) and the management of findings
- A profile in high demand among consultants and certification bodies
Course programme
Day 1 · ISMS fundamentals and audit principles
- Concepts of ISO/IEC 27001 and the ISMS
- Audit principles and types; ISO 19011 and ISO 17021 standards
- Risk-based approach to auditing
Day 2 · Preparing an ISO 27001 audit
- Audit initiation and documentation review
- Audit plan and preparation of on-site activities
- Preparation of working documents
Day 3 · Conducting the audit
- Communicating audit results and collecting evidence
- Sampling techniques and interviews
- Drafting findings and non-conformities
Day 4 · Closure, follow-up and audit programme management
- Audit report and closing meeting
- Corrective actions and follow-up
- Managing an audit programme
Day 5 · Certification exam
- Review and mock exam
- Official "PECB Certified ISO/IEC 27001 Lead Auditor" exam (3 hours)
Exam, credits & certification
After passing the exam, you can apply for the "PECB Certified ISO/IEC 27001 Lead Auditor" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing on the first try is no longer a source of pressure. The CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.
Your trainer

Ricardo Coronel Lemus
More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. I don't approach standards theoretically: I apply them day to day with real clients — that's what I bring to my coaching and exam preparation.
Frequently asked questions
Do I need any prerequisites?
What language is the exam in?
What is the difference between Self-Study and Self-Study + Coaching?
What if I don't pass the exam?
Is it useful for NIS2?
Ready to get certified as a Lead Auditor?
Choose your option above and enrol online. A question or need some advice? Write to me or book a call.