Course Description
This 5-day PECB ISO/IEC-27001 Lead Auditor Training and Certification course Saudi Arabia from Unichrone. Enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS), and manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participants will acquire the knowledge and skills needed to proficiently plan and perform internal and external audits in compliance with certification process of the ISO/IEC 27001 standard. Based on practical exercises, the participants will develop the skills (mastering audit techniques) and competencies (managing audit teams and
audit program, communicating with customers, conflict resolution, etc.) necessary to conduct an audit efficiently.

Course Overview
Day1:

Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001
▶ Normative, regulatory and legal framework related to Information Security
▶ Fundamental principles of Information Security
▶ The ISO/IEC 27001 certification process
▶ Detailed presentation of the clauses of ISO/IEC 27001

Day 2:

Planning and initiating an ISO/IEC 27001 audit
▶ Fundamental audit concepts and principles
▶ Audit the approach based on evidence and on risk
▶ Preparation of an ISO/IEC 27001 certification audit
▶ Documenting of an ISMS audit

Day 3:

Conducting an ISO/IEC 27001 audit
▶ Communication during the audit
▶ Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
▶ Drafting test plans
▶ Formulation of audit findings, drafting of nonconformity reports

Day 4:

Concluding and ensuring the follow-up of an ISO/IEC 27001 audit
▶ Audit documentation
▶ Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
▶ Evaluation of corrective action plans
▶ ISO/IEC 27001 surveillance audit and audit management program

Day 5:

Examination

Learning Objectives

▶ To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
▶ To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications
of ISO 17021 and ISO 27006
▶ To acquire necessary expertise for managing an ISMS audit team
▶ To understand the operation of an ISO/IEC 27001

Examination

The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully eets the requirements of the PECB Examination and Certification
Program (ECP). The exam covers the following competence domains:
Domain 1: Fundamental principles and concepts in Information Security
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System (ISMS)
Domain 2: Information Security Management System (ISMS)
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and illustrate the main
concepts and components of an Information Security Management System based on ISO/IEC 27001
Domain 3: Fundamental Audit Concepts and Principles
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can understand, interpret and apply the main concepts
and principles related to an ISMS audit in the context of ISO/IEC 27001
Domain 4: Preparation of an ISO/IEC 27001 audit
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can prepare appropriately an ISMS audit in the context
of ISO/IEC 27001
Domain 5: Conduct of an ISO/IEC 27001 audit
Main Objective: To ensure that the ISO 27001 Lead Auditor candidate can conduct efficiently an ISMS audit in the context of
ISO/IEC 27001
Domain 6: Conclusion and follow-up of an ISO/IEC 27001 audit
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor candidate can conclude an ISMS audit, and conduct the followup
activities in the context of ISO/IEC 27001
Domain 7: Management of an ISO/IEC 27001 audit program
Main Objective: To ensure that the ISO/IEC 27001 Lead Auditor understands how to establish and manage an ISMS audit program
▶ The “PECB Certified ISO/IEC 27001 Lead Auditor” exam is available in different languages, such as English, French, Spanish
and Portuguese
▶ Duration: 3 hours