Skip to Main Content
Certified ISO 27001:2022 ISMS Lead Auditor Training Course

Certified ISO 27001:2022 ISMS Lead Auditor Training Course

  • Train with the ISO 27001 experts and gain the skills to deliver external certification and supplier audits against ISO 27001:2022.
  • Industry-leading course designed to help you build your career as an ISO 27001 auditor.
  • Successfully completing this five-day course and included exam awards the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification and 35 CPD/CPE points.

This course is based on ISO/IEC 27001:2022, the newest version of the ISO 27001 standard published in October 2022.

Step 1 - Select location
Step 2 - Select date
Prix : 2.525,00 €
Step 3 - Select quantity

Training course outline

ISO/IEC 27001:2022 is the newest version of ISO 27001 and was published in October 2022. While not significantly different from the previous standard, ISO 27001:2022 has notable changes that include scoping, planning, operation and performance evaluation, and a revised Annex A.

This accredited practitioner-led course will teach you:

  • The skills to conduct second-party (supplier) and third-party (external and certification) ISMS (information security management system) audits;
  • How to lead a team of auditors and gain the skills to achieve compliance with ISO 27001;
  • How to competently manage an ISMS audit programme; and
  • The best-practice audit methodology based on ISO 19011, allowing you to master audit techniques.

Certified ISO 27001 ISMS Foundation training course benefits

 Designed by experts

Designed by IT Governance Director Steve Watkins, a contracted technical assessor for UKAS.

 Delivered by professionals

Real-world practitioners show you how to tackle an ISMS project from start to finish.

 Aligned with best practice

Aligned with the best-practice ISO 19011:2011 (Guidelines for auditing management systems) audit methodology. 

 Learn from anywhere

Choose whether you attend Live Online or in person at one of our training venues.

Who should attend this course?

This course is aimed at individuals who want a globally recognised ISO 27001 lead auditor qualification to further their careers. It is also designed for managers responsible for implementing and maintaining an ISO 27001-compliant ISMS, such as:  

  • IT/information security managers
  • Compliance auditors
  • GDPR consultants
  • IT/information security consultants
  • Cyber security consultants
  • Heads of IT
  • Information and risk managers
  • Information security analysts
  • Information security officers
  • Internal auditors
  • ISMS managers

Your learning path

Find out how the Certified ISO 27001:2022 ISMS Lead Auditor Training Course will help you enhance your knowledge and career.

This course is an essential component of the following learning paths:

Why choose IT Governance for your training needs?

  • We’re internationally recognised as the authority on ISO 27001 – our team led the world’s first ISO 27001 certification project.
  • We have trained more than 8,000 professionals on ISMS implementations and audits.
  • Taught by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Learn from anywhere – we have adjusted our delivery methods to allow you to learn from anywhere. Our Classroom / Live Online delivery option enables you to attend either in person or online.
  • Choose the method that suits you – we offer classroom, instructor-led online, self-paced online, e-learning and in-house training options.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.
Course details

What does this training course cover?

  • An overview of the structure and major requirements of ISO/IEC 27001:2022.
  • An overview of the audit process used by certification bodies.
  • The purpose, benefits and core principles of effective auditing.
  • Common auditing terms and definitions.
  • Critical skills required for performing an audit.
  • Best-practice audit methodology based on ISO 19011.
  • How to establish, maintain and manage an audit programme.
  • How to plan, conduct, report, summarise and follow up on an audit.
  • Effective interviewing techniques and observation skills.
  • How to use audits to identify nonconformities and ensure appropriate corrective action is taken.
  • How to assess and evaluate the competence of auditors.
  • Accredited certification audit specifics.
  • How the audit process is used in first-, second- and third-party audits.
  • How to apply continual improvement of the ISMS.

What’s included in this course?

  • Full course materials (digital copy provided as a PDF file).
  • The ISO 27001:2022 Certified ISMS Lead Auditor exam.
  • A certificate of attendance.

What equipment do I need?

You will need a laptop for the duration of your course and exam.

Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 10:00 am – 5:00 pm

Day 2: 9:15 am – 5:00 pm

Day 3: 9:15 am – 5:00 pm

Day 4: 9:15 am – 5:00 pm

Day 5: 9:15 am – 1:30 pm

Course location

Learn from anywhere with our instructor-led Live Online or classroom courses.

Are there any prerequisites for this course?

There are no formal entry requirements for this course, but learners should have a good knowledge of ISO 27001. This could be obtained through practical experience, reading, or attending the Certified ISO 27001:2022 ISMS Foundation or Certified ISO 27001:2022 ISMS Lead Implementer training courses.

Attendees will need to have their own copies of the ISO/IEC 27001:2022 and ISO 27002:2022 standards for use during the course.

Is there any recommended reading?

We strongly recommend purchasing and reading the following standards before attending the course:

We also recommend that you purchase and read the following textbook:

Exams and qualifications

ISO 27001:2022 Certified ISMS Lead Auditor exam

Candidates take the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) exam set by IBITGQ. There is no extra charge for this exam.

  • Delivery method: Online
  • Duration: 90 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 75%

This course is equivalent to:


CPD points

What qualifications will I receive?

Successfully completing the course and exam awards the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification.


This course is accredited by IBITGQ and CIISec (Chartered Institute of Information Security). It satisfies the CIISec Knowledge Areas requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1.

IBITGQ is a personnel certification body that certifies individuals in the field of IT governance.

IBITGQ is accredited to the ISO/IEC 17024:2012 standard (Conformity assessment – General requirements for bodies operating certification of persons) by IAS (International Accreditation Service). ISO 17024 is a global, industry-recognised benchmark, and qualifications accredited to this standard are recognised and highly valued by employers throughout the world.

You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the IBITGQ/GASQ successful candidate register.

The PCI SSC has indicated that it accepts GASQ certifications in relation to the IBITGQ accredited courses as meeting the requirements of an individual applying to become a PCI DSS (Payment Card Industry Data Security Standard) QSA (Qualified Security Assessor).

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard-copy exam certificates are not issued.

Do I need to bring proof of identity?

Candidates must have a form of photographic ID with them as the invigilator may request to check it before the exam.

Can exams be retaken?

Yes. If you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.


To support your continued professional development, it is essential that you maintain an adequate level of current knowledge associated with an ISO 27001 Lead Auditor. To demonstrate this competency to employers and other key stakeholders, you must recertify your IBITGQ qualification at regular intervals. 

Individuals awarded the ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) qualification are required to recertify after three years. Candidates can undertake a recertification exam any time from one month before or two months after the expiry date (months 35–38) of their certificate. Please see IBITGQ Exams for further details. After this period, candidates can take the standard ISO 27001:2022 Certified ISMS Lead Auditor (CIS LA) exam at any convenient time. 

Avis des clients

This website uses cookies. View our cookie policy.