ISO/IEC 27001-27002 - Lead Auditor

Certification Overview

Exam Code: ISOIEC-LA

The ISO/IEC 27001-27002 Lead Auditor Certification will enable you to build stakeholder confidence, data protection and ISO 27001 compliance, and to confidently take responsibility for conducting audits. You gain the knowledge and confidence to build an organisational culture of information security.

The Certification equips Lead Auditors with the practical tools to complete the ISO 27001:2013 qualification process. Through focused training, you will learn how to plan, manage and implement an ISMS audit programme. Specialist trainers ensure you can provide your organisation with the practical help and information required to achieve an internationally recognised certification.

The main benefit from achieving the ISO/IEC 27001-27002 Lead Auditor certification is the recognition that the individual can be engaged by certification bodies to perform information management system audits under their direction and management system.

e-Competence Framework (e-CF)

This certificate is mapped against the e-Competence Framework. To learn more about the e-Competence Framework (e-CF), visit ECF.

Exam Information

The exam comprises 100 multiple-choice questions, of which the candidate needs to score 70% (70 out of 100 correct) to pass the exam.

Exams are online and proctored. With a webcam and a reliable internet connection, exams can be taken anywhere and at any time.

The total duration of the exam is 2 hours (120 minutes).

No external sources of information may be accessed during the exam held via ProctorU. Further details of the materials permitted are provided:

  • Identification Proof
  • If a candidate does not pass the exam in the second (2nd) attempt, the candidate must wait for a period of at least fourteen (14) calendar days from the date of their attempt to retake the exam for the third (3rd) time or any subsequent time.
  • The exam can be taken any number of times.

The ISO/IEC 27002 Lead Implementer Certificate is valid for life.

Displaying your certificate

  • Remember, when labelling a product or system as certified to an ISO standard:
  • Don't say: "ISO certified" or "ISO certification"
  • DO say: "ISO 9001:2008 certified" or "ISO 9001:2008 certification" (for example).



The ISO/IEC 27001-27002 Lead Auditor Certification has no pre-requisites (completion of an E-Course from the GAQMBok portal is not mandatory), but we highly recommend doing the E-Course, as the maximum number of questions in the actual exam are drawn from the E-Course.

Course Outline

What is covered in the Exam?

  • The purpose and business benefits of an ISMS, ISMS standards, ISMS audits and third party certification
  • The role and skills required of an auditor when planning, conducting, reporting and following up on an ISMS audit in accordance with:
      - ISO/IEC 27001:2013
      - ISO/IEC 27002:2013, Information technology -- Security techniques -- Code of practice for information security controls
      - ISO 19011:2011, Guidelines for auditing management systems
      - where applicable, ISO 17021:2011, Conformity assessment - Requirements for bodies providing audit and certification of management systems

Target Audience

Who should take this exam?

  • This Certification is suitable for those involved in leading audits of an ISMS in compliance with ISO/IEC 27001:2013
  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Registration Process for E-Course and Exam


  • Validity: 240 Days
  • Price: 170 USD
  • Please read carefully:

    1) Please purchase the second voucher from our Voucher Store to schedule the exam via ProctorU.

    2) One voucher can be used by one person, one time, for one exam discount/fee only.
