ISO 27001 qualifications: Lead Auditor or Lead Implementer?

If you’re new to ISO 27001, the international standard for information security management, you might be finding it difficult to choose a training course that suits your needs.

A problem many people have is deciding between a lead auditor and a lead implementer training course. 

What’s the difference between the two? It really is as obvious as it sounds: an implementer implements an ISMS (information security management system) in accordance with ISO 27001 and an auditor audits a third party’s ISMS. (It’s not good practice to audit your own implementation of the Standard.) 

If you’re a practitioner who wants to learn how to implement information security best practice in your organisation, a lead implementer course is for you. 

A lead auditor course, on the other hand, is for information security professionals who want to be able to audit and certify an ISMS to ISO 27001. 

ISO 27001 training with IT Governance

IT Governance is the world’s leading provider of classroom and online ISO 27001 training. Our team led the world’s first ISO 27001 certification project, and we’ve helped more than 7,000 professionals with ISO 27001 training on ISMS implementations and audits. 

Our ISMS lead implementer and lead auditor training courses are available in classroom and Live Online formats. 

Let’s take a look at what those courses contain and how you can get started. 

Certified ISO 27001 ISMS Lead Implementer Training Course

Developed by Alan Calder and Steve Watkins, authors of IT Governance: An International Guide to Data Security and ISO27001/ISO27002, this three-day course equips you with the skills to lead an ISO 27001-compliant ISMS implementation project.


The course covers topics such as: 

  • How to gain senior management’s approval for an ISO 27001 compliance project; 
  • The role and structure of an information security policy; 
  • How to determine the scope of your ISMS based on the requirements of ISO 27001; 
  • The definition of risk in ISO 27001 and options for risk assessments under the Standard; 
  • The benefits of, and key issues when selecting, a risk assessment tool; and 
  • How to carry out an information security risk assessment. 

This training course is available in classroom, online, distance learning and in-house format.

The classroom version of this course is now available in Amsterdam and Dublin. 


Certified ISO 27001 ISMS Lead Auditor Training Course

Begin your journey as an ISO 27001 lead auditor with this four-and-a-half-day training course that’s designed to develop practical knowledge and auditing skills. 

You’ll learn the requirements and the methodology employed by an external ISO 27001 lead auditor, which is crucial to the success of any ISO 27001 implementation project. 

The course covers topics such as: 

  • An overview of the structure and requirements of ISO 27001; 
  • The audit process used by certification bodies; 
  • How to use audits to monitor conformance; 
  • Critical skills required for performing an audit; 
  • How to continually improve the ISMS; and 
  • How to conduct an audit follow-up. 

This training course is available in classroom, online and in-house format.

The classroom version of this course is now available in Amsterdam and Dublin. 

