.
| Call IRMCB in the United States | +1 (904) 329-1276 |
-
ISO 27001 Certified Lead Auditor™
Building upon the foundation understanding of the ISO 31000 and 27005 risk management frameworks, and the ISO 27001 framework validated by the Certified Internal Controls Architect credential, the ISO 27001 Lead Auditor certification by CIS further certifies your ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. This professional certification is applicable to those needing to conduct internal or external audits of a risk management system supporting an ISMS, or how to manage an ISO 27001 ISMS audit program. This is the only ISO 27001 Lead Auditor training and professional examination program to incorporate ISO's 27007 standard as core content within its program. Building upon the foundation understanding of the ISO 27005 risk management framework and ISO 27001 framework validated by the Certified Internal Controls Architect credential , the IRMCB ISO 27001 Lead Auditor certification tests and certifies participants' ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that participants are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices.
Upon completion of this training and certificate program, participants will:
- be equipped with knowledge and skills required to perform audits of Information Security Management Systems (ISMS) against the ISMS standards;
- be able to expand participants' auditing competency;
- be able to increase participants' credibility through gaining international recognition; and
- be able to improve particpants' résumé/CV and help to increase participants' earning potential.
Getting certified is easy, and can be accomplished completely online. The ISO 27001 Lead Auditor™ certification is available to qualified candidates who:
- Are a member of the IRMCB Body of Professionals in good standing. If you are not already an associate member of the IRMCB Body of Professionals, you must first become a member to pursue the ISO 27001 Lead Auditor credential.
- Attend the required IRMCB approved curriculum course, live or online, via an IRMCB Authorized Training and Education Center. Prerequisite training for CICA certification eligibility includes completion of all of the following:
- Policy Workshop: ISO 31000 Enterprise Risk Management
- Policy workshop: ISO 27001 Information Security Management
- ISO 27001 Lead Auditor
- Pass the ISO 27001 Lead Auditor exams. For ISO 27001 Lead Auditor certification by IRMCB, candidates must pass IRMCB exams RM101, ISMS101, ISMS102, and ISMS103. IRMCB exams are administered on-line. Your exam results are provided automatically upon completion of your exam.
- Gain the required experience. ISO 27001 Lead Auditor certification requires at least two years of related qualified experience.
- Submit your professional endorsements. Official endorsement forms are available for download from IRMCB or from IRMCB Authorized Training and Ecucation Centers that are approved to proctor examinations. Your completed application and documentation can be mailed, transmitted by facsimile, or e-mailed to:
IRMCB
ATTN: Certification Department
3780 Ashford Creek Avenue NE
Atlanta, GA USA
Fax: +1(786) 522-9063
E-mail: certification@irmcb.org - Gain final approval from the certification committee and become certified by IRMCB.
You will officially become certified once your exam and credentials are approved by the certification committee. Your certification kit will be mailed to the address you provided for your membership account. Those who have attained an IRMCB credential will be invoiced for certification renewal upon annual membership renewal.
Getting IRMCB standardized training and taking certification exams
IRMCB courses are delivered by Authorized Training and Education Centers (ATECs) in standardized live and online formats. Select ATECs are also authorized to proctor exams and issue certificates.
Authorized Training and Education Center Headquarters Authorized for Live Instructor-Led Training Authorized for Web-Based Training Authorized exam center Certified Information Security United States SCHEDULED EVENTS REGISTER REGISTER -
Required Training
ISO 27001 CICA certification requires successful completion of each of the following IRMCB authorized courses delivered by IRMCB Authorized Training and Education Centers (ATECs):
-
ISO 27001 Lead Auditor certification requires successful completion of four exams:
Exam #RM101 maps to ISO/IEC 31000, 31010, and 27005 risk management content areas taught in IRMCB's authorized course, "Policy Workshop: ISO 31000 Enterprise Risk Management."
- Required for CICRA, CICA, CBCS, CBCA, and CBCM certifications.
- Number of questions: 65
- Passing score: 75%
- Time limit: 70 minutes
RM101 Content Areas
- Context establishment
- Risk assessment
- Risk treatment
- Risk acceptance
- Risk communication
- Risk monitoring and review
Exam #ISMS101 maps to ISO/IEC 27001, 27002, and 27003 content areas associated with ISMS planning and strategy, as taught in IRMCB's authorized course, "Policy Workshop: ISO 27001 Information Security Management."
- Required for ISO 27001 CICA and ISO 27001 Lead Auditor certification
- Number of questions: 65
- Passing score: 75%
- Time limit: 70 minutes
Content Areas
- Developing an Information Security Management System program
- Project managing a successful ISO 27001 internal controls implementation
- Establishing the ISMS organization
- Core ISO 27001 and 27002 best practices relating to:
- Information security policy and scope
- Risk assessment and Statement of Applicability
- Understanding the organization
Exam #ISMS102 maps to ISO/IEC 27001 and 27002 content areas associated with ISMS deployment, monitoring, exercising, and maintenance, as covered in Certified Information Security's course, "CIS Policy Workshop: ISO 27001 Information Security Management".
- Required for CICA and ISO 27001 Lead Auditor certification
- Number of questions: 65
- Passing score: 75%
- Time limit: 70 minutes
Content Areas
Core ISO 27001 and 27002 best practices relating to:
- External party controls
- Asset management
- Human Resources security
- Physical and environmental security
- Equipment security
- Communications and operations management
- Malicious software controls
- Network security management and media handling
- Business continuity management
- Compliance
- Exchange of information
- Electronic commerce, e-mail and internet security
- General, network, operating system, and application access control
- Systems acquisition, development and maintenance
- Cryptographic controls
- Development and support process security
- Monitoring of information security and incident management
- Preparing for an ISO 27001 audit
Exam #ISMS103 maps to ISO/IEC 27001, 27002, 27007, and TR27008 content areas associated with ISMS deployment, monitoring, exercising, and maintenance, as covered in Certified Information Security's course, "ISO 27001 Lead Auditor."
- Required for ISO 27001 Lead Auditor certification
- Number of questions: 65
- Passing score: 75%
- Time limit: 70 minutes
Content Areas
- Auditing the Audit Function & Program
- Principles of auditing
- Managing an audit program
- Establishing the audit program objectives
- Establishing the audit program
- Role and responsibilities of the person managing the audit program
- Competence of the person managing the audit program
- Determining the extent of the audit program
- Identifying and evaluating audit program risks
- Establishing procedures for the audit program
- Identifying audit program resources
- Implementing the audit program
- Monitoring the audit program
- Reviewing and improving the audit program
- Performing an audit
- Initiating the audit
- Preparing audit activities
- Conducting the audit activities
- Preparing and distributing the audit report
- Completing the audit
- Conducting audit follow-up
- Auditing the ISMS Scope, Policy, Risk Assessment Approach, and ISMS Implementation
- ISO 27001 Audit Criteria
- ISO 27005 Best Practices
- ISO 27007 Evidence Collection Recommendations
- Auditing the ISMS Monitoring and Review
- ISO 27001 Audit Criteria
- ISO 27007 Evidence Collection Recommendations
- Audit the ISMS Documentation Fulfillment
- ISO 27001 Audit Criteria
- Audit the ISMS Organization and Management Commitment
- ISO 27001 Audit Criteria
- ISO 27002 Best Practices
- ISO 27007 Evidence Collection Recommendations
- Auditing ISMS Internal Audit against ISO 27001 Requirements
- ISO 27001 Audit Criteria
- ISO 27007 Evidence Collection Recommendations
- Auditing Management Review
- An overview of using ISO TR 27008 to audit internal controls
-
Qualified experience for Certified ISO 27001 Lead Auditor™ certification
Certified ISO 27001 Lead Auditor is an expert-level certification for information security professionals with at least two years of qualified experience. This certification maps to and fulfills all ISO/IEC 27001 competence requirements. General characterization for eligible experience:
- Developing an Information Security Management System program
- Project managing a successful ISO 27001 internal controls implementation
- Core ISO 27001 and 27002 best practices relating to:
- Information security policy and scope
- Risk assessment and Statement of Applicability
- External party controls
- Asset management
- Human Resources security
- Physical and environmental security
- Equipment security
- Communications and operations management
- Malicious software controls
- Network security management and media handling
- Monitoring of information security and incident management
- Business continuity management
- Compliance Exchange of information
- Electronic commerce, e-mail and internet security
- General, network, operating system, and application access control
- Systems acquisition, development and maintenance
- Cryptographic controls
- Development and support process security
- Monitoring of information security and incident management
- Business continuity management
- Compliance
- Operations audit
Information Security ISO 27001 Lead Implementer Auditor
cissp information security certification training |
cissp information security certification training |
iso 27001 lead implementer certification |
iso 27001 lead implementer training |
iso 27001 lead implementer certification |
iso 27001 lead implementer training |
iso 27001 lead implementer certification |
iso 27001 lead implementer training |
iso 27001 lead implementer certification |
online cisa certification exam training |
online cism certification exam training |
online cica certification exam training |
online cicra certification exam training |
online cbcs certification exam training |
online cbca certification exam training |