ISO 27001 : 2013 - Certified Lead Auditor

Certification Overview

Exam Code: ISO27-13-001

The ISO 27001 : 2013 Certified Lead Auditor covers the ISO 27001 : 2013 standard and the information security controls in detail. The Lead Auditor Certification is intended for professionals who would like to establish their careers as lead auditors for ISO 27001 and for information security professionals who would like to implement an ISMS. The ISO 27001 : 2013 Lead Auditor Certification demonstrates that an individual has substantial experience in leading an audit.

What is the difference between the Lead Implementer & Lead Auditor certification?

  • Lead Implementer certification enables participants to develop the expertise needed to support an organization in implementing and managing a Management System based on ISO.
  • Lead Auditor certification enables participants to develop the expertise needed to audit a Management System and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

e-Competence Framework (e-CF)

The mapping of this certificate against the e-Competence Framework. To learn more about the e-Competence Framework (e-CF), visit ECF.

Exam Information

The exam comprises 100 multiple-choice questions, of which the candidate needs to score 70% (70 out of 100 correct) to pass the exam.

Exams are online and proctored. With a webcam and a reliable internet connection, exams can be taken anywhere and at any time.

The total duration of the exam is 1 hour (60 Minutes).

No external sources of information may be accessed during the exam held via ProctorU. Further details of the materials permitted are provided:

  • Identification Proof.
  • If a candidate does not pass the exam on the second (2nd) attempt, the candidate must wait for a period of at least fourteen (14) calendar days from the date of their attempt before retaking the exam for a third (3rd) or any subsequent time.
  • The exam can be taken any number of times.

The ISO 27001 : 2013 - Certified Lead Auditor Certificate is valid for life.

Displaying your certificate

Remember, when labelling a product or system as certified to an ISO standard:

  • Don't say: "ISO certified" or "ISO certification"
  • Do say: "ISO 9001:2008 certified" or "ISO 9001:2008 certification" (for example).



The ISO 27001 : 2013 - Certified Lead Auditor Level Certification has no pre-requisites.

Course Outline

Module 1 - Information Security

  • The Importance of Being Informed
  • Globally Connected
  • More Ado About Risks
  • Decoding the Secret of Information Security Management
  • Management and Awareness
  • Legislation, Regulation and Governance

Module 2 - Information Security 27001 Standards

  • ISO/IEC Standardisation
  • Overview
  • Evolution of the ISO/IEC 27000 
  • The Weakest Link 
  • Overview of ISO/IEC 27001: 2013 
  • ISMS Audience
  • Processes 
  • ISMS Stages

Module 3 - ISMS Business Context

  • Organisational Context
  • Needs and Expectations 
  • ISMS Scope
  • Interested Parties
  • Requirements Relevant to the ISMS 
  • Gathering Requirements Relevant to the ISMS

Module 4 - ISMS Scope

  • ISMS Scope 
  • What to Consider and What to Include 
  • Object of ISMS Scope 
  • Defining the ISMS Scope 
  • Scope Example 
  • External and Internal Connections

Module 5 - ISMS Risks

  • The Importance of Risk and Opportunity
  • Risk Management Process 
  • Ongoing Reassessment of Risk 

Module 6 - ISMS Leadership and Support

  • Management Policy
  • Leadership 
  • Roles and Responsibilities 
  • Resources 
  • Awareness

Module 7 - Controls to Modify the Risks

  • Determining the Controls 
  • System of Controls 
  • Policies and Procedures 
  • Sector-Specific Controls

Module 8 - ISMS Operations

  • Operational ISMS Procedures
  • Ongoing Risks Management
  • Operational Threats
  • Operational Processes
  • Incident Management
  • ISMS Availability and Business Continuity

Module 9 - Performance Evaluation

  • Performance, Change and Improvement
  • Monitoring and Operational Reviews
  • ISMS Measurements Programme
  • Ongoing Risk Management
  • ISMS Audits
  • Management Reviews of the ISMS
  • Awareness and Communications

Module 10 - Improvements to the ISMS

  • Continual Improvement
  • Conformance and Nonconformance
  • Making Improvements

Module 11 - Auditing

  • Audit Process
  • Nonconformities
  • Audit Report
  • Surveillance Audits 
  • Recertification 
  • Audit Trails 
  • Competence

Target Audience

Designed for people who wish to conduct external audits on behalf of assessment bodies for ISO 27001 certification, but also suitable for those who need to conduct thorough internal audits on behalf of their own organization. It is recommended that delegates have a working knowledge of the requirements of the applicable standard for which the course is being delivered.

Registration Process for E-Course and Exam


  • Validity: 240 Days
  • Price: 210 USD
  • Please Read Carefully:

    1) Please purchase the First Voucher from our E-Voucher Store to schedule the exam via ProctorU.

    2) One Voucher can be used by one person, one time, for one exam discount/fee only.
