×
 
 Back to all courses

ISO/IEC 27001:2022 Information Security Management Systems Auditor/ Lead Auditor (CQI IRCA) Training

 

08 Dec 2025, Monday - 12 Dec 2025, FridaySee Schedule below for times (GMT +8:00) Kuala Lumpur, Singapore

 

TUV SUD PSB 15 International Business Park, 609937

Register
0%

Overview

Our ISO/IEC 27001:2022 Information Security Management Systems (ISMS) auditor/ lead auditor (CQI IRCA) certificate will give you an edge in the information security market with world-class training from TÜV SÜD experts. This 5-day course is CQI & IRCA (http://www.quality.org/) accredited training. By completing this course, you will:

  • Receive a globally recognised ISO/IEC 27001:2022 Information Security Management Systems auditor/ lead auditor (CQI IRCA) certificate

  • Gain a 360⁰ understanding of the concept of Information Security Management Systems auditing

  • Learn from our team of experienced and knowledgeable TÜV SÜD experts in information security

  • Learn through lectures, case studies, group exercises, and discussions

  • Meet and build relationships with other professionals interested in information security management

TGS Code: TGS-2025054325

Course Description & Learning Outcomes

Our ISO 27001 lead auditor course will provide participants with a comprehensive understanding of the ISO/IEC 27001:2022 standard and the skills necessary to conduct effective ISMS audits.

ISMS concepts and ISO 27001 standard

  • ISMS concepts and benefits

  • Risk assessment and management

  • ISO 27001 process framework requirements

  • ISO 27001 standard requirements

  • ISMS documentation

Auditing principles

  • Auditing objectives

  • Types of audits

  • Process approach

Roles and responsibilities of auditors

  • Auditors and lead auditors

  • The auditors’ responsibilities

  • The lead auditors’ responsibilities

  • Auditors qualification and certifications

Planning an audit

  • Pre-audit planning

  • Reviewing documentation

  • Developing an audit plan

  • Preparing checklists or working documents

  • Communication factors

Conducting an audit

  • Opening meeting

  • Collecting objective/audit evidence

  • Effective interviewing techniques

  • Identifying and recording nonconformities

  • Preparing for the closing meeting

  • Do’s and Don’t’s of auditing

Reporting audit results

  • Conducting the closing meeting

  • Preparing the audit report

  • Distributing the audit report

Corrective actions

  • Corrective action responsibilities

  • Follow up scheduling

  • Monitoring corrective action

ISO 27001 registration

  • Choosing a registrar

  • The registration process

  • Surveillance audits

Exercises / Roleplay (50% of course time)

Written Assessment

Recommended Prerequisites

Those who have been assisting with ISO27001 on Cybersecurity and wants to learn more about ISO27001.

The participants interested in attending this course must have prior knowledge of the management system and principles and concepts of Information Security Management.

Participants are expected to have the following prior knowledge:

1. Management systems

  • Understand the Plan-Do-Check-Act (PDCA) cycle

2. Information security management

  • Knowledge of the following information security management principles and concepts:

  • Awareness of the need for information security

  • The assignment of responsibility for information security

  • Incorporating management commitment and the interests of stakeholders

  • Enhancing societal values

  • Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk

  • Incorporating security as an essential element of information networks and systems

  • The active prevention and detection of information security incidents

  • Ensuring a comprehensive approach to information security management

  • Continual reassessment of information security and making of modifications as appropriate

3. ISO/IEC 27001

  • Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000, which may be gained by completing an IRCA-certified ISMS Foundation Training course or equivalent.

Please submit relevant proofs to demonstrate that you meet the prerequisites for this course.

Disclaimer This course is not for filling gaps in your knowledge about the ISO/IEC 27001:2022 standard; but for improving the knowledge about the same from an audit perspective.

Schedule

Start Date: 08 Dec 2025, Monday
End Date: 12 Dec 2025, Friday

5 days, Physical Classroom, Time: 0900 - 1800

Location: TUV SUD PSB 15 International Business Park, 609937

Skills Covered

PROFICIENCY LEVEL GUIDE
Beginner: Introduce the subject matter without the need to have any prerequisites.
Proficient: Requires learners to have prior knowledge of the subject.
Expert: Involves advanced and more complex understanding of the subject.

  • Cybersecurity (Proficiency level: Proficient)

Speakers

Trainer's Profile:

TBC, TBC, TUV SUD PSB PTE LTD
TBC

TBC

Technology:
CybersecurityData AnalyticsTrust Technologies
Industries:
OthersFood ServicesWholesale and Retail TradeCarbon MarketsConstructionEnergy and ChemicalsElectronicsAerospaceAcademiaDefence and SecurityAgriculture and AquacultureFinancial ServicesGovernmentInformation and CommunicationsLogisticsHospitality and TourismFood ManufacturingIntergovernmental Organisations (e.g. WHO, IMF, UN, EU)ManufacturingProfessional ServicesMarine and OffshorePower and ElectricityReal EstatePrecision EngineeringMining and QuarryingNon-Governmental Organisations (e.g. WEF, UNICEF, WWF)Trade Associations and ChambersWater and Waste TreatmentHealth and Biomedical Sciences

Other courses you may like

AI Assisted Software Engineering for Quantum Computing

Artificial Intelligence||Quantum Technologies Others

Jan 12, 2026

Register

Cloud Operations on AWS

Others Others

Feb 17, 2025

Register

Prof. Certificate in XR Immersive

Augmented Reality (AR) and Virtual Reality (VR) Others||Construction||Academia||Financial Services||Government||Information and Communications||Hospitality and Tourism||Manufacturing||Professional Services||Marine and Offshore||Real Estate

Jun 21, 2025

Register