ISO/IEC 27001 Lead Auditor (PECB)

Now as a combined classroom and online course.

About the course

The course is primarily aimed at people who want to plan, perform, or participate in ISO 27001 audit assignments, but is also aimed at managers who want to understand how compliance with ISO 27001 affects the business and how compliance can be checked.


In addition, many people choose the audit course rather than the implementation course, as this course gives them the auditor's perspective on ISO 27001 implementation.


The course takes 4 days, exam day 5. The course material is available in English, but the course can be held in Norwegian by request.


A 3-hour written exam is held on the last day of the course. You can also take the exam online. You then decide the time yourself. Course materials are allowed to be used as aids.


The Lead Auditor course provides a very thorough introduction to the most comprehensive framework for building effective and risk-based safety management in a business. ISO / IEC 27001 also covers areas outside cyber security.


The course focuses on the audit aspect but is also very useful for those who are to implement all or part of the ISO / IEC 27001 framework and provides insight into how auditors work and think.


The ISO / IEC 27001 framework comprises a total of 114 measurable controls:

  • Information security policies (2 controls)
  • Organization of information security (7 controls)
  • Human resource security (6 controls)
  • Asset management (10 controls)
  • Access control (14 controls)
  • Cryptography (2 controls)
  • Physical and environmental security (15 controls)
  • Operations security 14 controls)
  • Communications security (7 controls)
  • System acquisition, development and maintenance (13 controls)
  • Supplier relationships (5 controls)
  • Information security incident management (7 controls)
  • Information security aspects of business continuity management (4 controls)
  • Compliance; with internal requirements such as policies, and with external requirements, such as laws (8 controls)
The goal of the course

The course enables formal certification as an ISO / IEC 27001 auditor at the levels «provisional», «auditor» or «lead auditor» depending on experience. As you build experience, you can be re-certified at higher levels. Certification takes place through an optional certification organization based on passing the exam. Certification through PECB is included in the course price.


The course is practically oriented and is set up around a "case study" of a fictitious company.

Questions and registration for ISO27001 Lead Auditor courses

If you have questions about the course, contact Stein Arve Jacobsen Møllerhaug, on +47 906 41 100

The course conditions can be found here.

Experis helps you all the way to complete certification.

Click here for the next date and registration for the ISO27001 Lead Auditor course.

For all our exam-oriented courses from PECB, we offer you to follow a later course for free if you do not pass the exam on the first try. You only pay for the food.