PECB ISO/IEC 27001 Lead Auditor
Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001
Day 2: Audit principles, preparation, and initiation of an audit
Day 3: On-site audit activities
Day 4: Closing the audit
Day 5: Certification Exam
Examination:
The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)
Domain 2: Information Security Management System (ISMS)
Domain 3: Fundamental audit concepts and principles
Domain 4: Preparation of an ISO/IEC 27001 audit
Domain 5: Conducting an ISO/IEC 27001 audit
Domain 6: Closing an ISO/IEC 27001 audit
Domain 7: Managing an ISO/IEC 27001 audit program
Certification:
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
The requirements for PECB Auditor Certifications are:
| Credential | Exam | Professional experience | MS audit/assessment experience | Other requirements |
| PECB Certified ISO/IEC 27001 Provisional Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Two years: One year of work experience in Information Security Management | Audit activities: a total of 200 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Lead Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Five years: Two years of work experience in Information Security Management | Audit activities: a total of 300 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Senior Lead Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Ten years: Seven years of work experience in Information Security Management | Audit activities: a total of 1,000 hours | Signing the PECB Code of Ethics |
Note: PECB Certified Individuals who do possess the Lead Implementer and Lead Auditor Credentials are qualified for the respective PECB Master Credential, given they have taken 4 additional Foundation Exams which are related to this scheme. For more detailed information about the Foundation Exams and the overall Master Requirements, please go to the following link: https://pecb.com/en/master-credentials.
To be considered valid, these audits should follow best audit practices and include the following activities:
- Audit planning
- Audit interview
- Managing an audit program
- Drafting audit reports
- Drafting non-conformity reports
- Drafting audit working documents
- Documentation review
- On-site Audit
- Follow-up on non-conformities
- Leading an audit team