Certified ISO/IEC 27001 Lead Auditor (Instructor-Led Online)

Is this a Certification Course? Yes, this is a certification course. Certification and examination fees are included in the price of the training course.

Delivery Model: Instructor-Led Online

Exam Duration: 3 hours

Retake Exam: You can retake the exam once within one year

Request more information


Looking for a Self-Study course?   Click Here.

Price: US$ 1950 / CAD$ 2600

Enroll Now

 

ISO/IEC 27001 Lead Auditor 


ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.


Why should you take this course?


During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.


Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.


After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.


 Who should take this course?


Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits

Managers or consultants seeking to master an Information Security Management System audit process

Individuals responsible for maintaining conformance with Information Security Management System requirements

Technical experts seeking to prepare for an Information Security Management System audit 

Expert advisors in Information Security Management


Learning objectives


By the end of this training course, the participants will be able to:


Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001

Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor

Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles

Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing

Manage an ISO/IEC 27001 audit program


Educational approach


This training is based on both theory and best practices used in ISMS audits

Lecture sessions are illustrated with examples based on case studies

Practical exercises are based on a case study which includes role playing and discussions

Practice tests are similar to the Certification Exam


Prerequisites


A fundamental understanding of ISO/IEC 27001 and comprehensive knowledge of audit principles.




Course Content


Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001


Day 2: Audit principles, preparation, and initiation of an audit


Day 3: On-site audit activities


Day 4: Closing the audit


Day 5: Certification Exam 


Examination


The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:


Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)


Domain 2: Information Security Management System (ISMS)


Domain 3: Fundamental audit concepts and principles


Domain 4: Preparation of an ISO/IEC 27001 audit


Domain 5: Conducting an ISO/IEC 27001 audit


Domain 6: Closing an ISO/IEC 27001 audit


Domain 7: Managing an ISO/IEC 27001 audit program


For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.


Certification


After successfully completing the exam, you can apply for the credentials. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.


Note: PECB Certified Individuals who do possess the Lead Implementer and Lead Auditor Credentials are qualified for the respective PECB Master Credential, given they have taken 4 additional Foundation Exams which are related to this scheme. For more detailed information about the Foundation Exams and the overall Master Requirements, please go to the following link: https://pecb.com/en/master-credentials.  


To be considered valid, these audits should follow best audit practices and include the following activities:


Audit planning

Audit interview

Managing an audit program

Drafting audit reports

Drafting non-conformity reports

Drafting audit working documents

Documentation review

On-site Audit

Follow-up on non-conformities

Leading an audit team


General Information


Certification and examination fees are included in the price of the training course

Training material containing over 450 pages of information and practical examples will be distributed

In case of exam failure, you can retake the exam within 12 months for free

 


Price: US$ 1950 / CAD$ 2600

Download the Brochure
Certification Candidate Handbook
Enroll Now

Our latest blog posts

alt=

Your Data Isn't Anonymous — and AI Knows It

November 24, 2025
AI can re-identify individuals hidden in anonymous datasets. Learn how GDPR, the EU AI Act, and strong AI GRC frameworks protect privacy in an algorithmic world.
alt=

Free Training: Safety, Security, and Resilience in AI Systems

November 18, 2025
As AI becomes embedded in critical areas, like healthcare and finance, understanding the concept of safety has never been more important. In this video, we explore how the principles of safety, security and resilience form the foundation of trustworthy AI — preventing harm, protecting against attacks, and ensuring systems can recover from failure. You’ll learn how to apply these concepts in practice using global frameworks like ISO/IEC 42001, the EU AI Act, and the NIST AI RMF, and why these 3 principles must evolve together as part of a responsible AI governance strategy. Interested in learning more? Explore our AI GRC courses here.
alt=

Free Training: Privacy and Data Protection in AI Systems

November 18, 2025
How does AI handle personal data and what does that mean for privacy and compliance? In this video, we explore how artificial intelligence challenges traditional data protection principles, from consent and transparency to data minimisation and accountability. Learn how regulations like the EU AI Act and GDPR are shaping the future of responsible AI, and what GRC professionals need to know to manage privacy risk in intelligent systems. Interested in more information? Explore our AI GRC courses here.
alt=

Free Training: Fairness and Accountability in AI Systems

November 18, 2025
Welcome to this course on Fairness and Non-Discrimination in AI Systems. Fairness in artificial intelligence is not just a desirable quality; it is a fundamental requirement to ensure that AI systems serve people equitably and responsibly. When we talk about fairness, we refer to the absence of systematic bias, unequal treatment, or discrimination in the way AI makes decisions. This is especially critical because AI increasingly influences decisions in sensitive areas such as hiring, credit scoring, healthcare, policing, and education. A biased algorithm in any of these contexts can cause real harm to individuals and communities. The introduction of fairness as a design principle reminds us that AI must operate within the ethical and social expectations of the societies in which it is deployed. Fairness is also about legitimacy: organizations that fail to demonstrate fairness face reputational, legal, and financial risks. Many international frameworks, including ISO/IEC 42001, the European Union Artificial Intelligence Act, and the NIST AI Risk Management Framework, emphasize fairness as a core principle. In this course, we will explore fairness not as an abstract concept but as a practical requirement. We will discuss how unfairness arises, how to detect it, and how to implement safeguards to mitigate discriminatory outcomes. The goal is to equip you with both the conceptual understanding and the practical tools necessary to ensure AI systems are developed, deployed, and monitored with fairness as a guiding principle. To learn more about our AI GRC professional certification training, you can visit us here .
alt=

Free Training: Accountability and Traceability in AI Systems

November 18, 2025
Welcome to this course on accountability and traceability in AI systems. These two principles are at the core of trustworthy artificial intelligence. Accountability ensures that individuals, teams, and organizations remain answerable for decisions and outcomes associated with AI. Traceability, on the other hand, guarantees that the steps leading to those decisions can be tracked, reconstructed, and verified. Together, they provide the backbone of governance, compliance, and trust. In this session, we will explore how accountability and traceability function within AI governance frameworks such as ISO/IEC 42001, the NIST AI Risk Management Framework, and the European Union’s AI Act. We will discuss practical mechanisms such as audit trails, role assignment, data lineage, and documentation processes that make these principles operational. The course is structured into five sections: first, we will introduce the foundations of accountability and traceability. Then, we will examine how international standards and frameworks define these concepts. Next, we will explore mechanisms that organizations can adopt to ensure accountability and traceability across the AI lifecycle. We will also analyze case studies where the absence of these principles resulted in failures or risks. Finally, we will conclude by summarizing benefits, emerging challenges, and actions you can take to strengthen accountability and traceability in your own organization. By the end of this course, you will have a solid understanding of these two governance pillars, why they matter, and how to apply them to ensure safe, responsible, and compliant AI. To learn more about our AI GRC professional certification training, you can visit us here .
alt=

Free Training: Transparency and Explainability in AI Systems

November 18, 2025
This course builds directly on the foundations established in our AI Governance Foundations module and continues our structured series on AI Governance, Risk Management, and Compliance. While the first course introduced the core concepts, principles, and regulatory landscape, this course goes deeper into the essential pillars of transparency and explainability. It is designed to help you understand why these principles matter and apply them in practice, aligning with international standards such as ISO/IEC 42001, the NIST AI Risk Management Framework, and the EU AI Act. Together, these courses form a progressive learning pathway, equipping you with the knowledge and tools to implement, monitor, and audit AI systems responsibly as you advance through the full AI GRC curriculum. Transparency and explainability are two of the most critical principles in the governance of artificial intelligence. They provide the foundation for trust, accountability, and meaningful oversight of AI systems. Transparency refers to making the inner workings, design choices, data sources, and limitations of an AI system visible and understandable to relevant stakeholders. It ensures that users, regulators, auditors, and impacted individuals are not left in the dark when an AI system makes or supports decisions. Explainability, on the other hand, refers to the ability of the AI system to communicate the reasoning behind its outputs in clear, human-understandable terms. While transparency focuses on openness and disclosure, explainability focuses on comprehension and clarity. Transparency and explainability are essential to ensure that AI systems are not “black boxes” but instead are interpretable, predictable, and accountable. This module introduces the objectives, scope, and structure of transparency and explainability, setting the stage for exploring how these principles are embedded in international standards such as ISO/IEC 42001, the NIST AI Risk Management Framework, and the EU AI Act. Participants will also learn about the risks associated with opaque systems, the benefits of making AI interpretable, and the organizational responsibilities in applying these principles throughout the AI lifecycle. By the end of this module, learners should recognize transparency and explainability as mandatory elements for building trustworthy AI systems. To learn more about our AI GRC professional certification training, you can visit us here .
alt=

The Hidden Privacy Risks Inside AI Data Training (and how Governance Frameworks Help Prevent Data Leakage in AI Models)

November 17, 2025
AI training data can unintentionally expose personal information through model memorization and data leakage. Governance frameworks such as ISO/IEC 42001 and the NIST AI RMF can help organizations mitigate these privacy risks.
alt=

From GRC to AI GRC: 6 Skills You Already Have (and 4 More You Need to Learn)

November 5, 2025
You already know how to manage risk. Now it's time to manage intelligence. If you’ve worked in Governance, Risk, and Compliance (GRC) for any length of time, you’ve seen waves of transformation: cloud computing, automation, privacy reform. Each one reshaped the way organizations think about control and accountability. Now, artificial intelligence is the next wave. It’s changing how businesses make decisions, assess risk, and build trust. Many professionals look at AI GRC and think it’s a brand-new specialty. In reality, it’s the next chapter of what GRC was always meant to be — a system that keeps technology aligned with ethics, law, and business purpose. And if you’ve been working in traditional GRC, you’re already well prepared. You just need to apply your existing strengths to a new kind of system: one that learns, evolves, and occasionally surprises you.
alt=

How ISO/IEC 42001 Accelerates Your Readiness for the EU AI Act and Other Emerging Laws

October 27, 2025
How do you prepare for compliance with regulations that are both complex and still evolving? ISO/IEC 42001, the first international management system standard for AI, gives businesses a way to govern, monitor, and document their AI systems.

AI Audit Readiness: 7 Things Companies Forget (and How to Fix Them)

October 21, 2025
When businesses prepare for an AI audit, they usually focus on the big issues: data breaches, biased algorithms, or compliance with new regulations. Those are obviously important, but they’re not the reason most audits go wrong. More often than not, companies stumble on the basics. Missing documentation, vague accountability, and inconsistent monitoring. These small gaps are easy to overlook in day-to-day operations, but in an audit, they’re the first things the auditor will look at. Being perfect isn’t the goal when it comes to a successful audit. It’s much more important to get the fundamentals right. In this article, we’ll highlight seven common things companies forget when preparing for AI audits, and more importantly, how to fix them before they become costly mistakes.
Show More