PR373: ISO/IEC 27001:2022 ISMS Lead Auditor Training Course (2579)

Secure Information. Lead with Trust.

Course

4 Dates available

Certificate of Completion

Virtual learning

40 Lessons

Available online

Seminar Number: PH-C03-LATC-ISMS-2022

This ISO 27001 ISMS Lead Auditor Training Course enables professionals to lead audits of Information Security Management Systems (ISMS) based on the ISO/IEC 27001:2022 standard. The training is CQI-IRCA certified, ensuring international credibility and alignment with ISO 19011 and ISO/IEC 17021 auditing guidelines.

Delivered over 5 days (40 hours), this course builds the technical and leadership capabilities required to assess information security risks, evaluate control effectiveness, and ensure compliance with ISO 27001.

Upon passing the final IRCA exam and continuous assessments, you will receive a CQI-IRCA Certificate of Achievement, valid for IRCA registration as a QMS Lead Auditor.

The training covers:

ISO/IEC 27001:2022 structure and key updates
Risk-based thinking in information security auditing
Applying ISO 19011:2018 audit methodology
Planning, conducting, and reporting ISMS audits
Managing audit teams and communicating findings

Prepare for Global Certification with Confidence

Why Certification Matters: The International Register of Certificated Auditors (IRCA) sets the global standard for management system auditors. Backed by CQI’s legacy since 1919, IRCA certification is your passport to international credibility, professional growth, and leadership in quality management.

TÜV Rheinland Academy - Your Trusted Training Partner: As an IRCA Approved Training Partner, TÜV Rheinland Academy delivers globally recognized auditor training for ISO 9001 QMS, ISO 14001 EMS, ISO 45001 OHSMS, and ISO 27001 ISMS. Our programs are designed to equip professionals with the skills to audit effectively, lead confidently, and elevate quality across organizations.

Benefits

Show Details

For Professionals:

Globally recognized IRCA-certified ISMS Lead Auditor qualification
In-demand skills in cybersecurity, auditing, and regulatory compliance
Expanded career opportunities in data protection, GRC, and consulting
Preparation to register as an IRCA Lead Auditor in ISO 27001

For Organizations:

Reduce data breach risks through internal audit readiness
Train staff to evaluate third-party security and supply chain risks
Align security programs with global best practices and compliance needs
Demonstrate commitment to safeguarding customer and business data

Target group

This course is ideal for:

Information Security Officers (CISO, ISMS Managers)
IT compliance, GRC, or risk professionals
Internal auditors and external consultants
Professionals aiming to become ISO 27001 certified lead auditors
Organizations building ISMS audit teams or preparing for certification

Applicable across industries: finance, tech, BPO, telecom, healthcare, government, and data-driven sectors.

Requirements

To successfully join this CQI-IRCA certified course, learners must meet the following criteria:

Recommended Knowledge
Learners are expected to have a solid understanding of:

ISO/IEC 27001:2022 standard and its key requirements
Information security principles, controls, and risk management
The Plan-Do-Check-Act (PDCA) cycle
Basic audit concepts based on ISO 19011
Prior completion of an ISMS awareness or internal auditor course is strongly recommended.

Admission Requirements

Have relevant experience in IT, audit, or information security management
Be proficient in English (training and exam are conducted in English)
Complete a 15-item pre-course test with a minimum score of 11/15

Pre-Assessment

Registered participants will be given access to a pre-course self-assessment to help identify learning gaps and prepare for the training.

Online IRCA Exam Adjustments

Non-native English speakers are granted an additional 30 minutes in the online IRCA LATC exam.
If further support is needed (due to a disability or religious requirement such as requesting a female proctor), participants must notify us early so a formal request can be submitted to CQI.

Data Privacy Notice

Before training, all learners must sign a Data Consent Form in line with the Data Privacy Act of 2012 (RA 10173). This permits the use of personal data solely for training delivery, certification processing, and CQI-IRCA reporting.
All information is handled securely and used only for legitimate training and assessment purposes.

Training outline

Show Details

This course imparts foundational knowledge in auditing principles and standards, focusing on the requirements of ISO/IEC 27001, aligned with ISO/IEC 27002. It delves into prevalent terms and definitions in information security management as outlined in ISO/IEC 27000, coupled with guidelines for effective audits as per ISO 19011:2018 and ISO 17021.

Participants will gain insights into:

Responsibility Assignment: Understanding the allocation of responsibility for information security.
Management Commitment & Stakeholder Interests: Integrating management dedication and addressing the concerns and interests of stakeholders.
Societal Values Enhancement: Elevating values within society through informed information security practices.
Risk Assessment & Control Determination: Utilizing risk assessment outcomes to identify and implement suitable controls for maintaining risk at acceptable levels.
Security Integration: Embedding security as a fundamental component of information networks and systems.
Proactive Incident Management: Actively preventing and identifying information security incidents to maintain robust security postures.
Holistic Security Management Approach: Adopting a comprehensive strategy for managing information security effectively.
Continual Security Reassessment: Regularly reviewing and adapting information security measures to address evolving threats and vulnerabilities.
Audit Execution: Mastering the planning, preparation, and execution of audits to ensure compliance and effectiveness.
Monitoring & Follow-Up: Learning effective monitoring techniques and follow-up strategies to ensure the sustained impact of audit activities.
Auditor Communication: Developing communication skills essential for auditors, including questioning techniques, active listening, and addressing communication challenges.

This structured learning experience is designed to equip participants with the skills and knowledge necessary to navigate the complexities of information security management and auditing effectively.

Other information

For payment details and inquiries, please contact academy@phl.tuv.com. Our team will guide you through the payment process and address any questions regarding schedules, content, or logistics.

ADDITIONAL INFORMATION

Training fees include access to digital materials and a Credsure.io certificate.
For Classroom Trainings, an additional fee of ₱2,500 will be charged to cover ancillary costs.
The total training fee, including any applicable ancillary costs, is subject to 12% VAT, unless stated otherwise.
Payment should be made on or before the first day of training. Unsettled accounts must be paid within 30 working days, and late payments will incur a monthly interest charge of 2% until fully paid.
We accept various payment methods; please reach out for instructions.

CANCELLATION POLICY

TÜV Rheinland Philippines reserves the right to postpone or cancel public courses for valid reasons.
Unless the cancellation is initiated by TÜV Rheinland Philippines, all fees are non-refundable once registration is confirmed.
Cancellations made five days or fewer before the training date are non-refundable, and full fees will be charged.
Substitute delegates may be nominated at no extra cost, but their details must be provided at least three business days before the training date.

Date selection