ISO/IEC 27001:2022 Lead Auditor («IS27A»)

The ISO/IEC 27001 Lead Auditor course provides the necessary expertise to conduct an ISMS (Information Security Management System) audit using generally accepted audit principles, procedures and techniques.

1 Introduction to the information security management system (ISMS) and ISO/IEC 27001

• Training course objectives and structure
• Standards and regulatory frameworks
• Certification process
• Fundamental concepts and principles of information security
• Information security management system (ISMS)

2 Audit principles, preparation, and initiation of an audit

• Fundamental audit concepts and principles
• The impact of trends and technology in auditing
• Evidence-based auditing
• Risk-based auditing
• Initiation of the audit process
• Stage 1 audit

3 On-site audit activities

• Preparing for stage 2 audit
• Stage 2 audit
• Communication during the audit
• Audit procedures
• Creating audit test plans

4 Closing the audit

• Drafting audit findings and nonconformity reports
• Audit documentation and quality review
• Closing of the audit
• Evaluation of action plans by the auditor
• Beyond the initial audit
• Managing an internal audit program
• Closing of the training course

5 Certification Exam

The course content is based on the official PECB examination syllabus.

Consists of the following modules

• ISO/IEC 27001:2022 Lead Auditor Course
• ISO/IEC 27001:2022 Lead Auditor Brush-up

The lessons are held in German with German documentation. When booking the training, you have the choice of ordering your personal learning materials in German or English. The exam is also provided in this language.

Impulses and best practice examples of ISMS audits.

Exercises are based on a case study. 

Numerous test questions (structured similarly to the certification exam) prepare you for the final exam.

This course is aimed at:

• Auditors who want to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants who want to master an information security management system audit process
• Individuals responsible for ensuring compliance with information security management system requirements
• Technical experts preparing for an information security management system audit and information security management consultants

No formal requirements.

The PECB Certified ISO/IEC 27001 Lead Auditor exam is fully compliant with the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following domains:

• Domain 1: Information Security Management System (ISMS) principles and concepts
• Domain 2: Information Security Management System (ISMS)
• Domain 3: Basic audit concepts and principles
• Domain 4: Preparing for an ISO/IEC 27001 audit
• Domain 5: Conducting an ISO/IEC 27001 audit
• Domain 6: Concluding an ISO/IEC 27001 audit
• Domain 7: Managing an ISO/IEC 27001 audit programme

The exam is available in English and German.

Exam format
Online (you will receive an exam voucher from Digicomp), multiple choice, Number of questions 80, Duration: 180 minutes, Language: English, open book.

Exam language & duration
If you choose an examination language that is not your mother tongue, you will receive 30 minutes more time.

• ISO/IEC 27001 Lead Auditor

Digicomp is an Authorised Training Partner (ATP) of the PECB (Professional Evaluation and Certification Board).