PECB ISO 9001 Lead Auditor Training Course

The PECB Certified DORA Lead Manager training course equips you with the necessary skills to lead and oversee the implementation of digital operational resilience strategies within financial entities to help them ensure compliance with European Union’s Digital Operational Resilience Act (DORA)

This training course is designed to help participants understand the fundamental concepts and principles of a business continuity management system (BCMS) based on ISO 22301. By attending this training course, participants will learn more about the structure and requirements of the standard including the BCMS policy, the top management’s commitment, internal audit, management review, and continual improvement process.

In response to the growing prevalence of disruptions and the unpredictable nature of various types of disasters, including those of natural, occupational, or information security nature, organizations are actively pursuing ISO 22301 certification. As more organizations seek compliance with ISO 22301, there is a corresponding demand for skilled auditors who possess the necessary skills and knowledge to assess and verify their compliance.

Disasters have various impacts in organizations. Disasters can result from natural events, information security breaches, or various other incidents. They are often unpredictable and that highlights the significance of preparedness in setting your business apart and shaping its future. As such, proper planning is essential in reducing risks, minimizing consequences, and managing the negative impacts of disasters and incidents while ensuring the continuity of daily operations to meet customer needs without interruption.

Why should you attend?

The ISO/IEC 27001 Foundation training provides you with a comprehensive understanding of the essential elements required to implement and manage an Information Security Management System (ISMS) as outlined in ISO/IEC 27001. Throughout this training, you will delve into various aspects of ISMS, such as policy development, procedures, performance metrics, management commitment, internal audits, management reviews, and continuous improvement.

Upon completing the course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” certification. This credential demonstrates your grasp of the core methodologies, requirements, framework, and management approaches outlined in the standard.

Who should attend?

• Professionals involved in Information Security Management
• Individuals looking to gain knowledge about the key processes of Information Security Management Systems (ISMS)
• Those interested in pursuing a career in Information Security Management

Educational approach

• Lectures are complemented with practical questions and real-world examples
• Practical exercises involve case studies and group discussions
• Practice tests mirror the structure and difficulty of the Certification Exam

ISO/IEC 27001 Lead Auditor

The ISO/IEC 27001 Lead Auditor training equips you with the essential expertise to conduct an Information Security Management System (ISMS) audit by employing widely recognized auditing principles, procedures, and techniques.

Why should you attend?

Throughout this training course, you will gain the knowledge and skills needed to plan and execute internal and external audits in accordance with ISO 19011 and the ISO/IEC 17021-1 certification process.

Through practical exercises, you will become proficient in audit techniques and capable of managing an audit program, leading an audit team, communicating effectively with customers, and resolving conflicts.

After acquiring the necessary expertise to perform this audit, you can take the exam and apply for the “PECB Certified ISO/IEC 27001 Lead Auditor” credential. Holding a PECB Lead Auditor Certificate will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

Who should attend?

• Auditors looking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants aiming to master the ISMS audit process
• Individuals responsible for maintaining compliance with Information Security Management System requirements
• Technical experts preparing for an Information Security Management System audit
• Expert advisors in Information Security Management

Learning objectives

• Understand the operations of an Information Security Management System based on ISO/IEC 27001
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand an auditor’s role in planning, leading, and following up on a management system audit according to ISO 19011
• Learn how to lead an audit and manage an audit team
• Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
• Acquire the competencies of an auditor to plan, lead, draft reports, and follow up on an audit in compliance with ISO 19011

Educational approach

• This training is based on both theoretical knowledge and best practices used in ISMS audits
• Lecture sessions are illustrated with examples from case studies
• Practical exercises include role-playing and discussions based on a case study
• Practice tests mirror the Certification Exam

The ISO/IEC 27005 Lead Risk Manager training equips you with the essential expertise to support an organization in managing risks associated with all assets relevant to Information Security. This training uses the ISO/IEC 27005 standard as a reference framework. Throughout the course, you will gain a comprehensive understanding of a process model for designing and developing an Information Security Risk Management program. The training also provides a thorough insight into best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI, and harmonized TRA. This course supports the implementation of the ISMS framework outlined in the ISO/IEC 27001 standard.

After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can take the exam to apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By obtaining this certification, you will demonstrate your practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Those implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001, or involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information security risk assessment
• Domain 4 Information security risk treatment
• Domain 5 Information security risk communication, monitoring, and improvement
• Domain 6 Information security risk assessment methodologies

General Information

• Certification fees are included in the exam price
• Training material with over 350 pages of information and practical examples will be provided
• A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months at no additional cost

This training course teaches how risk assessment for information security is done by combining the information on ISO/IEC 27005:2022 and ISO/IEC 27001. In addition to theoretical knowledge, this training course is equipped with practical exercises, quizzes, case studies, all of which make it a very engaging training course.

ISO 37001:2025 is an international standard for Anti-Bribery Management Systems (ABMS) that offers requirements and guidance for preventing, detecting, and managing bribery risks in organizations of all sizes and sectors.

This instructor-led, live training (available online or on-site) is designed for professionals at the beginner to intermediate level who aim to understand and support the implementation or auditing of an anti-bribery management system based on ISO 37001:2025.

By the end of this training, participants will be able to:

• Comprehend the structure and purpose of ISO 37001:2025.
• Implement anti-bribery requirements in practical organizational scenarios.
• Develop and oversee effective internal controls and reporting mechanisms.
• Assist organizations in achieving regulatory compliance and maintaining ethical standards.

Format of the Course

• Interactive lectures and discussions.
• Real-world case studies and examples.
• Scenario-based exercises and collaborative group work.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

ISO 37301 is an international standard that outlines the requirements for setting up, developing, implementing, evaluating, maintaining, and enhancing an effective compliance management system (CMS).

This instructor-led, live training (available online or on-site) is designed for professionals at beginner to intermediate levels who wish to understand, implement, or audit a compliance management system based on ISO 37301.

By the end of this training, participants will be able to:

• Grasp the structure, purpose, and scope of ISO 37301.
• Implement the essential components of a compliance management system (CMS).
• Identify compliance risks and opportunities throughout the organization.
• Integrate the ISO 37301 CMS with existing governance, risk, or ISO systems.

Format of the Course

• Interactive lectures and discussions.
• Practical exercises and real-world case studies.
• Group activities and compliance scenario simulations.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

ISO 9001 and ISO 27001 are globally recognized standards for quality management systems and information security management systems, respectively.

This instructor-led, live training (conducted online or on-site) is designed for intermediate-level professionals who aim to interpret the ISO 9001 and ISO 27001 standards and carry out internal audits effectively.

By the end of this training, participants will be able to:

• Grasp the principles and requirements outlined in ISO 9001 and ISO 27001.
• Apply the clauses and controls to real-world situations.
• Plan and execute internal audits in line with ISO standards.
• Identify nonconformities and suggest corrective actions.

Format of the Course

• Interactive lectures and discussions.
• Practical auditing exercises and case studies.
• Hands-on analysis of quality and security scenarios.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

The ISO/IEC 27001 Transition training course enables participants to thoroughly understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. In addition, participants will acquire knowledge on the new concepts presented by ISO/IEC 27001:2022.

Who can attend?

• Auditors looking to conduct and lead information security management system (ISMS) audits
• Managers or consultants aiming to master the ISMS audit process
• Individuals responsible for ensuring compliance with ISMS requirements within an organization
• Technical experts preparing for ISMS audits
• Expert advisors in information security management

Learning objectives

By the end of this training course, participants will be able to:

1. Explain the core concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from an auditor's perspective
3. Evaluate the conformity of an ISMS to ISO/IEC 27001 requirements, in line with fundamental audit concepts and principles
4. Plan, conduct, and conclude an ISO/IEC 27001 compliance audit, adhering to ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best auditing practices
5. Manage an ISO/IEC 27001 audit program effectively

Educational approach

• This training combines theoretical knowledge with practical approaches used in ISMS audits
• Lecture sessions are enriched with examples drawn from real-world case studies
• Practical exercises include role-playing and discussions based on a detailed case study
• Practice tests are designed to mirror the Certification Exam format