What is it?
The ISO/IEC 27001:2022 Auditor/Lead Auditor certification attests that the certified person:
- Possesses or has acquired the knowledge and skills required to audit information security management systems in compliance with ISO/IEC 27001 "Information technology - Security techniques - Information security management systems - Requirements", either as a member of an audit team or alone.
- Has the know-how and personal qualities required to conduct an audit, as defined in ISO/IEC 19011 "Guidelines for auditing management systems" and associated guides (ISO, IAF, EA).
Who can take the exam?
All security professionals wishing to master the audit and certification process in order to prepare or carry out internal audits or ISO/IEC 27001 compliance audits:
- Auditors wishing to carry out and lead information security management system certification audits
- Managers or consultants wishing to master the information security management system audit process
- Anyone responsible for maintaining compliance with ISMS requirements
- Technical experts wishing to prepare an information security management system audit
- Consultants specializing in information security management
How does the exam work?
The exam, in the form of MCQs and a case study, is designed to assess:
- Mastery of ISO/IEC 27001 and ISO/IEC 27002 (principles, vocabulary, organization),
- Knowledge of auditing and certification principles (ISO 19011, ISO 17021-1 and ISO 27006),
- Ability to analyze audit evidence,
- Ability to prepare, conduct and conclude an audit in a relevant and effective manner,
- Knowledge of risk management (principles and processes),
- Ability to analyze compliant and non-compliant situations.
Certification is based on passing the ISO/IEC 27001:2022 Auditor/Lead Auditor written exam organized by LSTI, and on auditing experience.
This exam is available on our online exam platform. To register, visit our Registration page.
When registering, please provide your DT138 certificate and proof of experience:
- For ISO/IEC 27001:2022 Auditor certification, proof (from a client or employer) of at least 20 audit days on ISO/IEC 27001 over the last three years;
- For ISO/IEC 27001:2022 Lead Auditor certification, proof (from a customer or employer) of at least 20 days' auditing on ISO/IEC 27001 over the last three years, including at least 3 full audits in the role of audit manager, and successful completion of the advanced level exam;
- Without prior experience, you will sit the exam as a Provisional Auditor.
If you have any questions, please fill in our form by selecting the subject "information about certification personal skills", and we'll get back to you within a few days.
Auditor/Lead Auditor certification rules ISO/IEC 27001:2022 - Q080 v. 2.2
Certification Rules Auditor/Lead Auditor ISO/IEC 27001:2017 - Q080 v. 1.6
Why choose LSTI?

Recognized expertise

Specialized auditors


