ISMS Auditor/ Lead Auditor Course -

Istanbul (Turkey)

ISMS Auditor/ Lead Auditor Course

24 - 28 Feb 2020

IRCA Certified Auditor/Lead Auditor Information Security Management Systems ISO/IEC 27001:2013

The course allows to know and understand the Plan, Do, Check, Act (PDCA) cycle, consisting of the following information security management concepts:

  • Awareness of the need for information security
  • The assignment of responsibility for information security
  • Incorporating management commitment and the interests of stakeholders
  • Enhancing societal values
  • Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk
  • Incorporating security as an essential element of information networks and systems
  • The active prevention and detection of information security incidents
  • Ensuring a comprehensive approach to information security management
  • Continual reassessment of information security and making of modifications as appropriate
  • Knowledge of the requirements of ISO/IEC 27001, and/or at least 6 months’ work experience in the specific sector.

We provide a ISO 27001:2013 Lead Auditor Course in Istanbul from 24th to 28th February 2020.

All participants will receive an attendance certificate; those who pass the final written exam will receive the “Auditor/Lead Auditor Information Security Management Systems” certificate, which is recognized internationally. Certificates of successful Completion are only valid for three years for the purposes of auditor certification by CQI | IRCA.



The course aims at improving knowledge to:

  • Present information security concepts
  • Understand the scope and objectives of ISMS
  • Understand the processes included in the PDCA cycle and specific to ISMS
  • Present the risk identification, assessment and management methodology
  • Explain the relations between the ISO/IEC 27001:2013 standard and other similar standards
  • Understand the requirements of ISO/IEC 27001:2013 and ISO/IEC 27006 in the context of an ISMS audit

It also aims at improving Skills to Plan, conduct, report and follow up an audit in accordance with ISO/IEC 19011:2018, ISO/IEC 17021-1:2015 and ISO/IEC 27006 and by interpreting ISO 27001.

Course Contents

The course focus on:

  • Information Security Management
  • The 27001 family of standards
  • Audit evidences and trails that fulfil ISO/IEC 27001:2013
  • ISO/IEC 27002:2013 requirements
  • Risk management for ISMS
  • ISO/IEC 19011:2018 and ISO/IEC 17021-1:2015
  • Audit procedures applied for ISMS
  • Incident management and business continuity. 

Target Group

  • Aspiring Third Party Auditor on the Information Security Management Systems whishing to enroll in the CQI | IRCA international register and/or RICEC recognized by ACCREDIA as an Auditor/Lead Auditor of Information Security Management Systems
  • Company personnel involved in first and second party audit on the Information Security Management Systems in an organizational context with particular complexity and/or magnitude
  • Company heads of coordination, management and implementation of the Information Security Management Systems in an organizational context with particular complexity and/or magnitude
  • Designers and consultants for Information Security Management Systems