PECB ISO 9001 Lead Auditor Training Course

The PECB Certified DORA Lead Manager training program provides you with the essential skills to lead and manage the implementation of digital operational resilience strategies within financial entities, ensuring compliance with the European Union’s Digital Operational Resilience Act (DORA)

This training program is designed to help participants grasp the fundamental concepts and principles of a business continuity management system (BCMS) aligned with ISO 22301. Through this course, you will gain deeper insight into the standard's structure and requirements, including the BCMS policy, top management’s commitment, internal audits, management reviews, and the continual improvement process.

In light of the increasing frequency of disruptions and the unpredictable nature of various disasters—ranging from natural and occupational hazards to information security incidents—organizations are increasingly striving for ISO 22301 certification. As compliance with ISO 22301 becomes more critical, there is a rising demand for competent auditors equipped with the skills and knowledge to evaluate and verify organizational conformity.

Disasters affect organizations in diverse ways. They may stem from natural occurrences, information security violations, or a variety of other incidents. Their unpredictable nature underscores the critical importance of preparedness, which helps distinguish your business and define its future trajectory. Consequently, adequate planning is vital for mitigating risks, limiting adverse outcomes, and handling the negative effects of disasters and incidents, while guaranteeing that daily operations continue seamlessly to satisfy customer needs without any disruption.

Why participate?

The ISO/IEC 27001 Foundation training equips you with the fundamental knowledge required to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. Throughout this course, you will gain a comprehensive understanding of the various ISMS components, such as ISMS policies, procedures, performance metrics, management commitment, internal auditing, management review, and the principle of continual improvement.

Upon successful completion of the course, you will be eligible to take the examination and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. This certificate validates your grasp of the essential methodologies, requirements, frameworks, and management approaches defined by the standard.

Target Audience

• Professionals engaged in Information Security Management
• Individuals aiming to acquire knowledge about the core processes of Information Security Management Systems (ISMS)
• Career seekers interested in Information Security Management

Training Methodology

• Lectures are enhanced with practical questions and real-world examples
• Practical exercises feature illustrative examples and interactive discussions
• Practice tests mirror the format and style of the Certification Exam

ISO/IEC 27001 Lead Auditor

The ISO/IEC 27001 Lead Auditor training program equips you with the essential expertise to conduct Information Security Management System (ISMS) audits by applying internationally recognized audit principles, procedures, and techniques.

Why should you attend?

Through this training course, you will gain the knowledge and skills required to plan and execute both internal and external audits in accordance with ISO 19011 and the ISO/IEC 17021-1 certification process.

Based on practical exercises, you will master audit techniques and become competent in managing audit programs and teams, handling customer communications, and resolving conflicts.

Upon acquiring the necessary expertise to perform this audit, you may sit for the exam and apply for the “PECB Certified ISO/IEC 27001 Lead Auditor” credential. Holding a PECB Lead Auditor Certificate demonstrates that you possess the capabilities and competencies to audit organizations based on best practices.

Who should attend?

• Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master an Information Security Management System audit process
• Individuals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts seeking to prepare for an Information Security Management System audit
• Expert advisors in Information Security Management

Learning objectives

• Understand the operations of an Information Security Management System based on ISO/IEC 27001
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
• Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011
• Learn how to lead an audit and audit team
• Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
• Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

The ISO/IEC 27005 Lead Risk Manager training program equips you with the essential expertise to assist organizations in managing risks associated with all assets critical to Information Security, using the ISO/IEC 27005 standard as a guiding framework. Throughout this course, you will develop a comprehensive understanding of the process model for designing and implementing an Information Security Risk Management program. You will also gain in-depth knowledge of best practices for risk assessment methods, including OCTAVE, EBIOS, MEHARI, and harmonized TRA. This course supports the implementation of the ISMS framework outlined in the ISO/IEC 27001 standard.

Upon mastering the key concepts of Information Security Risk Management based on ISO/IEC 27005, you may take the exam to apply for the "PECB Certified ISO/IEC 27005 Lead Risk Manager" credential. Holding a PECB Lead Risk Manager Certificate demonstrates that you possess the practical knowledge and professional capabilities to support and lead teams in managing Information Security Risks.

Target Audience

• Information Security risk managers
• Members of Information Security teams
• Professionals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing or seeking compliance with ISO/IEC 27001, or those involved in risk management programs
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The "PECB Certified ISO/IEC 27005 Lead Risk Manager" exam fully complies with the requirements of the PECB Examination and Certification Programme (ECP). The exam assesses the following competency domains:

• Domain 1: Fundamental principles and concepts of Information Security Risk Management
• Domain 2: Implementation of an Information Security Risk Management program
• Domain 3: Information security risk assessment
• Domain 4: Information security risk treatment
• Domain 5: Information security risk communication, monitoring, and improvement
• Domain 6: Information security risk assessment methodologies

General Information

• Certification fees are included in the exam price
• Training materials, comprising over 350 pages of content and practical examples, will be provided
• A participation certificate granting 21 CPD (Continuing Professional Development) credits will be issued
• In the event of exam failure, you may retake the exam within 12 months at no additional cost

This training program teaches how information security risk assessment is conducted by integrating information from ISO/IEC 27005:2022 and ISO/IEC 27001. Alongside theoretical knowledge, the course includes practical exercises, quizzes, and case studies, making it a highly engaging learning experience.

ISO 37001:2025 is an international standard for Anti-Bribery Management Systems (ABMS) that establishes requirements and provides guidance for preventing, detecting, and addressing bribery risks within organizations of any size or industry.

This instructor-led, live training (available online or onsite) is designed for beginner to intermediate-level professionals seeking to understand and support the implementation or auditing of an anti-bribery management system aligned with ISO 37001:2025.

Upon completion of this training, participants will be able to:

• Comprehend the structure and objectives of ISO 37001:2025.
• Apply anti-bribery requirements in practical organizational settings.
• Develop and monitor effective internal controls and reporting mechanisms.
• Support organizational efforts to achieve regulatory compliance and uphold ethical integrity.

Format of the Course

• Interactive lectures and discussions.
• Real-world case studies and examples.
• Scenario-based exercises and group work.

Course Customization Options

• To request customized training for this course, please contact us to arrange it.

ISO 37301 is an international standard that outlines the requirements for establishing, developing, implementing, evaluating, maintaining, and improving an effective compliance management system (CMS).

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level professionals who wish to understand, implement, or audit a compliance management system based on ISO 37301.

By the end of this training, participants will be able to:

• Understand the structure, purpose, and scope of ISO 37301.
• Implement the key elements of a compliance management system (CMS).
• Identify compliance risks and opportunities across the organization.
• Integrate ISO 37301 CMS with existing governance, risk, or ISO systems.

Format of the Course

• Interactive lecture and discussion.
• Hands-on exercises and real-world case studies.
• Group activities and compliance scenario simulations.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

ISO 9001 and ISO 27001 stand as globally acknowledged benchmarks for quality management and information security management systems, respectively.

Delivered through instructor-led live sessions, available either online or on-site, this training is designed for professionals at an intermediate level who aim to master the interpretation of ISO 9001 and ISO 27001 standards and execute internal audits with confidence.

Upon completing this course, participants will be equipped to:

• Grasp the fundamental principles and mandatory requirements of both ISO 9001 and ISO 27001.
• Apply the interpretation of specific clauses and controls to practical, real-world situations.
• Effectively plan and carry out internal audits in accordance with ISO standards.
• Detect nonconformities and propose appropriate corrective measures.

Course Delivery Format

• Engaging interactive lectures paired with group discussions.
• Practical auditing exercises and in-depth case studies.
• Direct analysis of quality and security scenarios to reinforce learning.

Customization Options

• For tailored training solutions based on this curriculum, please reach out to us to coordinate arrangements.

The ISO/IEC 27001 Transition training course allows participants to gain a comprehensive understanding of the distinctions between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. Furthermore, participants will learn about the new concepts introduced by ISO/IEC 27001:2022.

Who can attend?

• Auditors seeking to perform and lead information security management system (ISMS) audits
• Managers or consultants seeking to master the information security management system audit process
• Individuals responsible to maintain conformity with the ISMS requirements in an organization
• Technical experts seeking to prepare for the information security management system audit
• Expert advisors in information security management

Learning objectives

By the end of this training course, the participants will be able to:

1. Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
3. Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
4. Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
5. Manage an ISO/IEC 27001 audit program

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam