HomeCoursesInformation Security › ISO/IEC 27034 Lead Application Security Auditor
Information Security Lead Auditor EN Coaching FR

ISO/IEC 27034 Lead Application Security Auditor

Build the skill to audit application security programs based on ISO/IEC 27034, assessing governance, implementation and maintenance through structured audit methodologies aligned with ISO/IEC 17021-1 and ISO 19011.

5 daysof training
Leadadvanced level
ENlanguages
OfficialPECB exam incl.

Who is this course for?

  • Application security auditors and audit team leaders
  • IT and information security professionals managing application security
  • Compliance consultants and assessment managers
  • Audit team members preparing for ISO/IEC 27034 evaluations

What you'll gain

  • The PECB Certified ISO/IEC 27034 Lead Auditor credential, recognised internationally
  • The ability to lead ISO/IEC 27034 audits per ISO/IEC 17021-1 and ISO 19011
  • Command of application security auditing of the ONF/ANF
  • A specialised auditor profile in application security

Course programme

Day 1 · Foundational concepts and audit principles
  • Application security and the ISO/IEC 27034 series
  • Audit principles, ISO/IEC 17021-1 and ISO 19011
  • Context and scope of the audit
Day 2 · Preparing the audit
  • Audit planning and documentation review
  • Preparing audit activities and the audit plan
  • Working documents and sampling
Day 3 · Conducting the audit
  • On-site activities and evidence collection
  • Audit findings and nonconformities
  • Communication during the audit
Day 4 · Closing the audit and managing an audit programme
  • Audit conclusions and reporting
  • Follow-up and closing the audit
  • Managing an audit programme and competence
Day 5 · Certification exam
  • Review and mock exam
  • Official "PECB Certified ISO/IEC 27034 Lead Auditor" exam (3 hours)

Exam, credits & certification

3 h
Duration of the official PECB exam
31 CPD
Continuing Professional Development credits granted by the course
Included
Exam, marking and first issue of the certification, included in the price

Once you pass the exam, you can apply for the "PECB Certified ISO/IEC 27034 Lead Application Security Auditor" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing first time is no longer a source of pressure. CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.

Your trainer

Ricardo Coronel Lemus, PECB trainer

Ricardo Coronel Lemus

Practising GRC / vCISO consultant · PECB Certified Trainer (CT6496)

More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. I don't approach these standards theoretically: I apply them day to day with real clients: that's what I bring to the coaching and exam preparation I offer.

ISO 27001 Lead Auditor / Lead Implementer CISSPCISMCRISCCCISODORA Lead ManagerPCI DSS - PCIP

Frequently asked questions

Do I need any prerequisites?
There are no formal prerequisites. A basic familiarity with ISO 27001 (for example the Foundation level) is recommended, but not required.
What language is the exam in?
The official PECB material and exam for this course are available in the languages shown on this page. Coaching is delivered in English to prepare you thoroughly. If you need a specific language, contact us and we will confirm it.
What is the difference between Self-Study and Self-Study + Coaching?
Self-Study gives you the official material, the exam and the certification to progress at your own pace. The coaching option adds one-to-one sessions with me, real-world case studies and guided exam preparation: I support you until you feel ready to get certified.
What if I don't pass the exam?
The PECB exam includes 2 attempts: the first plus a free retake usable within the following 12 months. So a failure doesn't leave you stranded. What's more, with the coaching option we prepare for the exam together with mock exams so that you arrive with confidence.
Is it useful alongside ISO 27001 audits?
Yes. ISO/IEC 27034 auditing complements ISO/IEC 27001 by focusing specifically on application security, and it follows the same audit principles (ISO/IEC 17021-1, ISO 19011).

Ready to get certified as an application security auditor?

Choose your option above and enrol online. A question or need some advice? Write to me or book a call.