ISO Lead Auditor

SecureMisr in Cooperation with TÜV NORD EGYPT will organize ISO 27001:2013 Auditor/ Lead Auditor for Information security Management System (ISMS). This five day - training course is constructed in accordance with the international standard ISO 27001:2013 and ISO 27002:2013. It is designed to provide a general introduction on the overall requirement of the standard itself.

course syllabus

Workshop one: An Overview of Information Security Management System:

  • The purpose and business benefits of an ISMS.
  • Plan-Do-Check-Act framework and its application to information security management processes.
  • The intent of Annex SL Appendix 2 & ISO/IEC 27001: 2013 structure.
  • Relevant Common Terms (ISO 27000:2014).

Workshop Two: Scope, Policies and Objectives of the ISMS – (case study):

  • Purpose and the intended outcome(s) of the ISMS and the relevant external and internal issues.
  • Interested parties and any relevant requirements.
  • Scope of ISMS.
  • Information security policy and objective.
  • Documentary requirement.

Workshop Three: Documentary requirement.

Workshop Four: Risk Management (Assessment, Analysis and Treatment) - (base on case):

  • Evaluate the actions to address risks and opportunities.
  • Risk assessment process.
  • Risk treatment process.
  • Statement of Applicability.

Workshop Five: Leadership, Performance evaluation:

  • Top management leadership and commitment.
  • Responsibilities and authorities.
  • Effectiveness of the internal audit.
  • Effectiveness of management review.

Workshop Six: Audit Types and Levels:

  • Certification industry.
  • Different types of Audit.
  • Benefits of third-party accredited certification of information security management systems.

Workshop Seven: Stage one audit.

Workshop Eight: Audit plan.

Workshop Nine: Audit Checklist.

Workshop Ten: Stage two Audit.

Workshop Eleven: Preparation of Opening Meeting.

Workshop Twelve: Conduct Opening Meetings.

Workshop Thirteen: Sampling of On-site Auditing

Workshop Fourteen: Conduct Auditing

Workshop Fifteen: Evaluation of Audit Finding

Workshop Sixteen: Writing nonconformity Reports

Workshop Seventeen

  • Preparing audit conclusion
  • Writing Draft Audit Report (summery report)
  • Preparing Closing Meeting


Workshop Eighteen: Conduct Closing Meeting

Workshop Nineteen: Following up on the Audit & Corrective Action/Improvement -- Case Study


Final discussion & Course review.

Examination Briefing.

Examination: ISMS Lead Auditor Examination.

Who Should Attend?

  • Those wishing to implement a formal ISMS
  • Existing security auditors who wish to expand their auditing skills
  • Consultants who wish to provide advice on ISO/IEC 27001: 2013 systems certification
  • IT and Quality Professionals.

Apply Now