Skip to Main Content
Certified ISO 27001:2022 ISMS Lead Implementer Training Course

Certified ISO 27001:2022 ISMS Lead Implementer Training Course

  • Train with the ISO 27001 experts and gain the skills to lead and manage an ISO 27001:2022-compliant ISMS (information security management system) implementation project. 
  • Industry-leading course designed to help you deliver ISO 27001 compliance and enhance your career as an ISO 27001 professional.
  • Successful completion of this three-day course and included exam awards the ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) qualification and 21 CPD/CPE points.
Step 1 - Select location
Step 2 - Select date
Preis: 2.570,00 €
Step 3 - Select quantity

Training course outline

ISO/IEC 27001:2022 is the newest version of ISO 27001 and was published in October 2022. While not significantly different from the previous standard, ISO 27001:2022 has notable changes that include scoping, planning, operation and performance evaluation, and a revised Annex A. 

ISO 27001 professionals must have the knowledge to prepare and help their organisation achieve compliance with the new standard.

This accredited practitioner-led course equips you with the skills to support an organisation in effectively planning, implementing, managing, monitoring and maintaining an ISMS.

It will teach you:

  • The nine critical steps involved in planning, implementing and maintaining an ISO 27001:2022-compliant ISMS;
  • Information security management best practices to ensure data confidentiality, integrity and availability;
  • How to structure and manage your ISO 27001 project; and
  • Typical pitfalls and challenges and how to deal with them.

Certified ISO 27001 ISMS Foundation training course benefits

 Designed by experts

Designed by IT Governance Director Steve Watkins, a contracted technical assessor for UKAS.

 Delivered by professionals

Real-world practitioners show you how to tackle an ISMS project from start to finish.

 Fast-track to certification

Achieve a globally recognised ISO 27001 qualification in just three days.

 Learn from anywhere

Choose whether you attend Live Online or in person at one of our training venues.

See what our previous learners think about this course


of attendees passed the first time


were happy with the pace of the course


found the course content to meet their expectations


agreed that the course content was relevant.

“I was delighted to attend a three-day full course presented by a very intelligent, highly professional, and very well-prepared trainer. It was a pleasure to listen to him. He was very knowledgeable, very focused, used several case studies and involved the majority of participants. He never changed a topic without making sure that we were comfortable with the information provided. I wish him all the very best!”

- Janos Nagy, Principal Consultant


“Booking the course and pre-course administration was very easy due to the help and support from IT Governance employees, who greatly helped my learning experience. The delivery of the course was excellent. The instructor was very aware of the class and online audience and made it very easy to engage. He also made it easy to follow the course content with how the cameras were set up. This could easily be business as usual for this type of course.”

- Jeff Howard, Communications Security Assurance Advisor


“I took the online version of this course which was SO helpful. Lots of useful and practical content that I could relate to and then take back to my organisation. The live online option meant I didn't have to take time out to travel and could keep on top of work emails, etc. Also, I had the joy of Alan Calder as my trainer.”

- Melanie


"Great course! I attended the classroom version in London and thoroughly enjoyed it. Despite having lots to cover, the course material was delivered at a good pace and covered everything you needed to pass the included exam.”

- Chloe


"I attended this course in-person training prior to implementing an ISMS for my organisation which went on to achieve ISO 27001 certification. Since then, | have implemented and helped manage a number of information security programs. | cannot think of a better way to start understanding ISO 27001 and information security management systems.”

- Jim


“Sharon was incredible. She really brought the course materials to life with her extensive experience. This really helped my learning and has given me confidence in going on to lead an ISMS/ISO 27001 implementation! Thank you, Sharon!”

- Jo McGlynn, Project Manager


“I very much enjoyed the training. The pace was perfect to cover our diverse groups’ needs while also delivering new knowledge to everyone across the spectrum.”

- Anonymous


“The group asked a lot of questions and Max provided very good answers. Some were experienced based, others precise details of the standard, but everybody was happy with the answers they got. It made for a good, interactive, and educational course.”

- Anonymous


"Max was very good, very helpful and comes across as a very nice guy. Very happy with the training and the way he presented the course.”

- Anonymous


Who should attend this course?

This ISO 27001 implementation training course is designed for anyone involved in information security management, for example:

  • IT/ Information Security Consultant
  • IT/ Information Security Manager
  • IT/ Information Security Officer
  • IT/ Information Security Project Manager
  • Cyber security consultant
  • Head of IT
  • CISO (Chief Information Security Officer)
  • GDPR Consultant
  • Information security analyst
  • ISMS Manager
  • Network manager

Your learning path

Find out how the Certified ISO 27001 ISMS Lead Implementer Training Course will help you start or enhance your knowledge and career.

This course is an essential component of the following learning paths:

Why choose IT Governance for your training needs?

  • We’re internationally recognised as the authority on ISO 27001 – our team led the world’s first ISO 27001 certification project.
  • We have trained more than 8,000 professionals on ISMS implementations and audits.
  • Taught by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Learn from anywhere – we have adjusted our delivery methods to allow you to learn from anywhere. Our Classroom / Live Online delivery option enables you to attend either in person or online.
  • Choose the method that suits you – we offer classroom, instructor-led online, self-paced online, e-learning and in-house training options.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.
Course details

What does this training course cover?

  • Why information security management is essential to an organisation.
  • The role and structure of an information security policy.
  • The key concepts, principles and main requirements of ISO/IEC 27001:2022.
  • The terms and definitions used in the Standard, including risk and options for risk assessments.
  • How to interpret the requirements of ISO 27001:2022 to determine the scope of your ISMS.
  • How to secure senior management commitment by building a compelling business case.
  • How to structure and manage your ISO 27001 project.
  • How to allocate roles and responsibilities for your ISO 27001 implementation.
  • How to review and map your existing controls to Annex A of ISO 27001.
  • The importance of the SoA (Statement of Applicability) and justifications for inclusions and exclusions.
  • How to carry out an information security risk assessment – the core competence of information security management.
  • The benefits of and key issues when selecting a risk assessment tool.
  • How to develop a management framework, write policies and produce other critical documentation.
  • The importance of staff, an effective communication strategy and general awareness training.
  • The key elements of management review.
  • Understand the requirements of ISO 27001 certification.
  • How to manage and drive continual improvement under ISO 27001.

What’s included in this course?

  • Full course materials (digital copy provided as a PDF file).
  • The ISO 27001:2022 Certified ISMS Lead Auditor exam.
  • A certificate of attendance.

What equipment do I need?

You will need a laptop for the duration of your course and exam.

Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 9:30 am – 5:00 pm

Day 2: 9:00 am – 5:00 pm

Day 3: 9:00 am – 5:00 pm

Course location

Learn from anywhere with our instructor-led Live Online or classroom courses.

Are there any prerequisites for this course?

There are no formal entry requirements for this course. However, we will assume that attendees have a basic knowledge of ISO 27001 gained either through reading the ISO 27001:2022 standard or attending the Certified ISO 27001:2022 ISMS Foundation training course. 

Is there any recommended reading?

We strongly recommend purchasing and reading the following standards before attending the course:

We also recommend that you purchase and read the following textbook:

Exams and qualifications

ISO 27001:2022 Certified ISMS Lead Auditor exam

Candidates take the ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) exam set by IBITGQ. There is no extra charge for this exam.

  • Delivery method: Online
  • Duration: 90 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 75%

This course is equivalent to:


CPD points

What qualifications will I receive?

Successfully completing the course and exam awards the ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) qualification.


This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications) and CIISec (The Chartered Institute of Information Security), satisfying CIISec Knowledge Areas requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard-copy exam certificates are not issued.

Do I need to bring proof of identity?

Candidates must have a form of photographic ID with them as the invigilator may request to check it before the exam.

Can exams be retaken?

Yes. If you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.


To support your continued professional development, it is essential that you maintain an adequate level of current knowledge associated with an ISO 27001 Lead Implementer. To demonstrate this competency to employers and other key stakeholders, you must recertify your IBITGQ qualification at regular intervals.

Individuals awarded the ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) qualification are required to recertify after three years. Candidates can undertake a recertification exam any time from one month before or two months after the expiry date (months 35–38) of their certificate. Please see IBITGQ Exams for further details. After this period, candidates can take the standard ISO 27001:2022 Certified ISMS Lead Implementer (CIS LI) exam at any convenient time.