Get in Touch

Course Outline

I. Introduction to Information Security
1. Systemic approach to information security management
2. Organizational benefits and added value

II. Overview of ISO 27001 Requirements
1. Key requirements of the standard
2. Critical areas of focus
3. Documentation requirements
4. Overview of Annex A

III. Information Security Management System Compliant with ISO 27001
1. Components of an ISO 27001-compliant Information Security Management System
2. Exercises on interpreting and analyzing ISO 27001 requirements

IV. Audits – General Information
1. Introduction to auditing
2. Overview of the audit process
3. Audit criteria
4. Types of audits

V. Audit Planning and Preparation
1. Defining audit criteria and scope
2. Selecting the audit team
3. Process approach to internal audits
4. Key considerations for developing audit question lists
5. Conducting audits per ISO 19011:2018
6. Practical exercises

VI. Conducting the Audit – On-Site Guidelines
1. Auditing techniques
2. Gathering objective evidence
3. Identifying and demonstrating non-conformities
4. Competencies of the lead auditor
5. Practical exercises

VII. Documenting Audit Results
1. Clear articulation of findings
2. Recording non-conformities
3. Identifying and documenting insights and improvement opportunities
4. Summary of Audit Results – Audit Report
5. Practical exercises

VIII. Effective Post-Audit Activities
1. Responsibilities for initiating corrective actions
2. The importance of accurately determining root causes of non-conformity
3. Defining corrective actions
4. Evaluating the effectiveness of actions taken
5. Post-audit activities related to insights and improvement potentials
6. Practical exercises

IX. Discussion and Summary

Requirements

Target Audience

  • Professionals preparing to take on the role of ISO 27001:2023 Lead Auditor.
  • Any individual with a keen interest in this subject matter.
 35 Hours

Need help picking the right course?
southafrica@nobleprog.co.za or +27 (0)10 005 5793

Testimonials (1)

Speed of response and communication

Bader Bin rubayan - Lean Business Services
Course - ISO/IEC 27001 Lead Implementer

Related Courses

ISO 27001:2023 Internal Auditor of the Information Security Management System

 35 Hours

Objectives

  • Acquire a comprehensive understanding of ISO 27001:2023
  • Learn how to conduct audits in alignment with the standard
  • Explore industry best practices
Read more...

ISO 27001:2023 Requirements

 14 Hours

Objectives

  • Understand the updates in the ISO 27001 2023 edition
  • Learn how to conduct audits in line with the standard
  • Discover industry best practices
Read more...

PECB ISO/IEC 27001 Foundation

 14 Hours

Why should you attend?

The PECB ISO/IEC 27001 Foundation training equips you with the fundamental knowledge required to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. Throughout this course, you will gain a comprehensive understanding of ISMS components, such as policy formulation, procedural guidelines, performance metrics, executive commitment, internal auditing, management reviews, and strategies for continuous improvement.

Upon successful completion of this course, you will be eligible to sit for the examination and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. This certificate validates your grasp of the core methodologies, requirements, framework, and management approaches associated with information security.

Who should attend?

  • Professionals currently engaged in Information Security Management.
  • Individuals aiming to acquire knowledge regarding the primary processes of Information Security Management Systems (ISMS).
  • Those aspiring to build a career in Information Security Management.

Educational approach

  • Lectures are enriched with practical questions and real-world examples.
  • Practical exercises incorporate case studies and interactive discussions.
  • Practice tests mirror the format and rigour of the official Certification Exam.
Read more...

PECB ISO/IEC 27001 Lead Implementer

 35 Hours

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks lies in the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a critical expectation and requirement for customers, legislators, and other key stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and establish a framework for its ongoing management and improvement.

Upon completing the training course, participants may sit for the exam. Those who successfully pass can apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which validates their ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

  • Project managers and consultants involved in or concerned with the implementation of an ISMS
  • Expert advisors aiming to master the implementation of an ISMS
  • Individuals responsible for ensuring conformity to information security requirements within an organization
  • Members of an ISMS implementation team

General information

  • Certification fees are included in the exam price
  • Training material containing over 450 pages of information and practical examples will be distributed
  • A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
  • In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

  • This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
  • The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
  • The exercises are based on a case study.
  • The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

  • Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
  • Understand the operation of an information security management system and its processes based on ISO/IEC 27001
  • Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
  • Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS
Read more...

ISO 9001 and ISO 27001 – Interpretation and Internal Auditor

 21 Hours

ISO 9001 and ISO 27001 stand as globally recognised benchmarks for Quality Management Systems and Information Security Management Systems, respectively.

Designed for professionals at an intermediate level, this instructor-led live training (available online or on-site) focuses on helping participants accurately interpret these standards and execute internal audits with confidence.

Upon completing this training, attendees will be equipped to:

  • Grasp the core principles and specific requirements of ISO 9001 and ISO 27001.
  • Apply clause and control interpretations to practical, real-world scenarios.
  • Effectively plan and execute internal audits that align with ISO standards.
  • Spot nonconformities and propose appropriate corrective actions.

Course Delivery Format

  • Engaging lectures and interactive discussions.
  • Simulated audit exercises and in-depth case studies.
  • Practical analysis of quality and security challenges.

Customisation Options

  • For tailored training arrangements, please reach out to us directly.
Read more...

PECB ISO 27001:2022 Transition

 14 Hours

This instructor-led, live training session in Kenya (available online or onsite) is tailored for intermediate to expert-level IT professionals looking to enhance their competencies and qualifications in information security or allied fields.

By the conclusion of this training, participants will be able to:

  • Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
  • Acquire the knowledge and skills required to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
  • Apply this knowledge in real-world scenarios, thereby facilitating a smooth transition within their respective organizations.
Read more...

Related Categories

ISO 27001
ISO 27001