Lead Auditor ISO/IEC 27001:2022 ISMS


The internationally recognized Information security Management System Standard (ISMS) has now been updated to its latest ISO/IEC 27001:2022 version.


ISO/IEC 27001:2022 Information security Management System has proven to be highly beneficial for all types of organizations regardless of their type or size, since confidential data exist in all kinds of businesses and cyber-attacks become more common every day. Leaving this information exposed can be a serious threat to organizations’ stability. ISO/IEC 27001:2022 standard sets the grounds for the security of such information and is thus highly beneficial for the protection of an organization.

Gain the knowledge and skills to audit and improve your company’s Information security management systems with our Lead Auditor ISO/IEC 27001:2022 ISMS course.


Aims & Objectives
  • Deliver the key requirements and benefits of ISO/IEC 27001:2022
  • Outline the steps towards effective Management of information security
  • Compare ISO/IEC 27001 towards previous version
  • Manage information security risks and hazards effectively
  • Provide the application of risk-based thinking, frameworks and process management
  • Present the key auditing techniques to plan, conduct and follow-up actions

Learning Outcomes

Having successfully completed this course you will be able to:

  • Learn the importance and benefits of an ISO/IEC 27001:2022 ISMS
  • Understand the key requirements, terms and definitions of ISO/IEC 27001:2022 ISMS and its structure
  • Grasp the application of business continuity-based thinking, leadership and process management, Plan-Do-Check-Act
  • Explain the role of an auditor to plan, conduct, report and follow up an audit in accordance with ISO/IEC 27001:2022 ISMS
  • Conduct effective audits in any auditing situation
  • Establish and plan the activities of an audit team
  • Communicate effectively with the auditee and audit client
  • Organise and direct audit team members
  • Prepare and complete the audit report
  • Use remote auditing methods

Who should attend?
  • Managers
  • Business professionals
  • Management system professionals
  • ISO Consultants
  • Information security, finance, customer care/support, R&D and IT personnel

Prerequisite skills & knowledge: None required

Available in-house/distant learning? Yes

Created by: LiberoAssurance Continuous Professional Development Training Centre
Part A Contents: ISO/IEC 27001:2012 Awareness
  • Management Systems
  • Goals of a Management System
  • ISO/IEC 27001:2022 Structure
Clauses 0-3
  • Introduction
  • Scope
  • Normative references
  • Terms and definitions
Context of the organization
  • Introduction to company’s context
  • Understanding the organization, its context and interested parties
  • Scope of the ISMS ISMS Processes
  • Leadership and commitment
  • Information Security Policy
  • Organizational roles, responsibilities and authorities
  • Actions to address risks and opportunities
  • Information security objectives and planning to achieve them
  • Planning of changes
  • Resources
  • Competence
  • Awareness
  • Communication
  • Documented information
  • Operational planning and control
  • Information security risk assessment
  • Information security risk treatment
Performance evaluation (Monitoring and Evaluation)
  • Monitoring, measurement, analysis and evaluation
  • Internal audit
  • Management review


  • Continual improvement
  • Nonconformity & corrective action


Annex A
  • Example
  • ISO 27001 Project Plan
Part B: ISO 27001:2013 Lead Auditor
The Audit
  • What is an audit?
  • Why Audit?
  • Audit Types
Audit steps
  • Audit Plan
  • Developing Checklists
  • Opening Meeting
  • Conducting the Audit
  • Closing Meeting
  • Audit Report
  • Audit Follow-up Activities
Audit programme
  • Establishing the audit programme objectives
  • Identifying and evaluating audit programme risks and opportunities
  • Process flow for the management of an audit programme (Ref ISO 19011)
  • Managing an audit programme
  • Audit programme Implementation
  • Process of collecting and verifying information
  • Monitoring audit programme
  • Improving audit programme
Accreditation & Certification
  • Accreditation & Certification Bodies
  • Certification Process
Auditor’s Performance
  • Auditor’s Quality
  • The Auditors conduct
  • Auditor’s Code Conduct
  • Auditor Characteristics
  • Auditor's personal behavior
  • Auditee’s conduct
  • Selecting the audit team members
  • Skills of audit team leaders
  • How to evaluate an Auditor
  • Maintaining and improving auditor competence
Psychological factors during an audit
  • Attitudes and relationships
  • Obstacles and communication
  • Space and Time issues
  • Body language
  • Cultural factors
  • Principles of Listening
  • Questions & questioning
Audit tips and techniques
  • Tips to trained auditor
  • Question Technique
  • Competence of the audit programme manager

Exam & Certification
  • Exam for ISO/IEC 27001:2022 Lead auditor
  • ISO/IEC 27001:2022 Lead Auditor Certificate
Teaching Methods
  • Detailed seminar presentations
  • Terms and definitions
  • No. of slides: 205

  • Reading lists and resources available in presentations

Study time allocation
  • Private study hours: 24
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment Duration: 90 days (starting from the date of purchase)
  • CPD Points: 24
  • ECTS/ECVET Points: 0.8

Assessment methods


% contribution to final mark

% Minimum passing grade

Exam for ISO/IEC 27001:2022 Information Security Management System Lead Auditor





On successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’



With the purchase you get :

   Non conformities - Real Examples
   Audit checklist
   Online examination-3 Attempts
   100% Online course
   CPD Accredited eCertificate – Global acceptance 
   Downloadable course material
  E-learning Mobile App
   Enrolment: 3 months
   Flexible schedule
   Language: English


250,00 € each

© Copyright LiberoGroup  All rights reserved.