ISO/IEC 27007:2011 provides guidance on managing an information security management system (ISMS) audit program, on
conducting the audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO
19011. ISO/IEC 27007:2011 is applicable to those needing to understand or conduct internal or external audits of an ISMS
or to manage an ISMS audit program.
Based upon the ISO 27001 related auditing standards ISO 27007:2011 and 19011:2011, this one-day additional course
will provide an intensive overview of how to manage an internal audit of an organization's risk management program along
with its corresponding information security management system. This course will also provide valuable guidance on
conducting the internal audits and on establishing and validating the competence of ISMS auditors, and will prepare you for
the ISO 27001 auditor certification exams required for the well-recognized ISO 27001 Lead Auditor professional
certification.
This credential is applicable to those needing to understand or conduct internal or external audits of a risk management
system supporting an ISMS, or how to manage an ISO 27001 ISMS audit program. This is the only ISO 27001 Lead Auditor
training and professional examination program to incorporate ISO's 27007 standard as core content within its program.
Building upon the foundational understanding of the ISO 27005 risk management framework and ISO 27001 framework
validated by the Certified Internal Controls Architect credential, the ISO 27001 Lead Auditor certification by CIS certifies your
ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management
System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic
objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. Upon completion of this training and
certificate program, you will:
be equipped with knowledge and skills required to perform audits of Information Security Management Systems
(ISMS) against the ISMS standards;
The ISO 27001 Lead Auditor certification is available to qualified candidates who:
1. Are a member of CIS in good standing. If you are not already an Associate member of the CIS certification
student body, you must first become a member to pursue the CICA credential. Please see
www.certifiedinfosec.com/about/becoming-a-member for further details.
2. Attend the required CIS approved curriculum courses. Seminars may be attended at live instructor-led
sessions, online, or a combination of both.
CIS Policy Workshop: ISO 31000 Enterprise Risk Management
CIS Policy Workshop: ISO 27001 Information Security Management
ISO 27001 Lead Auditor
3. Pass the ISO 27001 Lead Auditor Exams.
For ISO 27001 Lead Auditor certification by CIS, candidates must pass CIS online exams RM101, ISMS101,
ISMS102, and ISMS103. CIS exams are administered online and can be taken at your convenience at your home
or work through the CIS Learning Center, where your progress and score are monitored and recorded centrally.
Your exam results are provided to you automatically upon completion of your exam.
You will officially become certified (certificated) once your exam results and required documentation are validated and
approved by the certification committee. Your certification kit will be mailed to you at the address you provided when
setting up your online account at our online learning center or online training and certification store. Those who have
achieved a CIS credential will be invoiced for certification renewal annual maintenance fees upon annual membership
renewal.
Certification steps: Start here. Choose your certification path. Complete your entry-level training and exam. Complete your advanced level training and exams. Complete your certification application!
CANDIDATE INFORMATION
Your Name; Home address; City; State/Province; Zip/Postal Code; Country
ENDORSER INFORMATION
How do you know the candidate in a professional capacity?
I am the candidate's supervisor (past or present) / I am the candidate's co-worker or colleague
Based upon your familiarity with the candidate on this form, do you feel this candidate has the character, skills, and professional integrity necessary to hold the ISO
27001 Lead Auditor certification? Yes / No
With this signature, I endorse and recommend this candidate for certification as an ISO 27001 Lead Auditor:
Certified Information Security www.certifiedinfosec.com US: (888) 547-3481 International: +1 (904) 406-4311