ISO 27001:2022 Information Security Management Systems: Lead Auditor

ISO/IEC 27001:2022

Information Security Management Systems (ISMS) – Lead Auditor Training Course

5 Days (40 Hours) Online Live ⭐ CPD-UK Approved

Course Overview

This CPD-UK approved five-day course develops the practical competence required to plan, lead, and report first, second, and third-party audits of an ISMS against ISO/IEC 27001:2022. The programme draws on ISO 19011:2018 and ISO/IEC 17021-1, with extensive practical work focused on auditing all 93 Annex A controls, risk treatment plans, and the Statement of Applicability.

Who Should Attend

  • Senior internal auditors progressing to lead audit responsibilities
  • ISMS consultants serving regulated and high-trust sectors
  • Trainee auditors at certification bodies
  • CISOs and senior InfoSec leaders pursuing advanced auditor competence

What You Will Learn

  • Plan, lead, and manage full ISMS audits – stage 1 readiness through stage 2 conformity assessment
  • Audit risk treatment plans, Statement of Applicability, and Annex A controls
  • Apply ISO 19011 and ISO/IEC 17021-1 to certification-style ISMS audits
  • Manage audit teams, conduct opening and closing meetings, and handle audit conflicts
  • Grade and report nonconformities with evidence-based precision
  • Recommend audit decisions and follow up corrective actions

Course Content

  • ISO/IEC 27001:2022 deep dive and the role of the ISMS Lead Auditor
  • Audit principles, audit programme, and audit planning
  • Stage 1 audit – documentation review, SoA, and risk review
  • Stage 2 audit – auditing Annex A controls
  • Audit team leadership and time management
  • Nonconformity grading, evidence chains, and audit reporting
  • Audit follow-up, corrective action verification, and closure
  • Practical role-play audits, mock-audit case studies, and group exercises throughout

Methodology

A highly interactive, case-based programme. Participants take turns leading mock audits, with scenarios drawn from SaaS, fintech, and enterprise-IT contexts.

Assessment

Continuous assessment is conducted throughout, complemented by a final written examination on day five. Participants achieving the required pass marks are awarded the Lead Auditor certificate.

Certificate

🎓 QA Assessor CPD-UK Approved Lead Auditor Certificate – ISO/IEC 27001:2022 ISMS

Prerequisites

A working knowledge of ISO/IEC 27001:2022 is required. Prior internal audit experience is strongly recommended.