ISO 27100 Lead Auditor

This ISO 27100 Lead Auditor course develops skills to audit cybersecurity management systems based on ISO/IEC TS 27100:2020.

2026 Course Schedule

Preparatory Course Date | Application Deadline
January 19-23, 2026 | December 30, 2026
April 6-10, 2026 | March 16, 2026
July 6-10, 2026 | June 15, 2026
October 5-9, 2026 | September 14, 2026

Course fees

Self-study: £500
Online training: £1,200
  • Globally recognised certificate
  • Flexible online & self-study options
  • Group training discounts available

📚 Course Overview:

This ISO 27100 Lead Auditor course is designed to develop the knowledge, skills, and confidence required to audit and assess cybersecurity management systems based on the guidance provided in ISO/IEC TS 27100:2020. The training provides an overview of cybersecurity concepts, threat modeling, risk analysis, and practical auditing techniques tailored to cybersecurity governance.

Participants will gain an in-depth understanding of the structure and intent of ISO/IEC TS 27100 and how it interfaces with other standards such as ISO/IEC 27001, ISO/IEC 27005, and ISO/IEC 27032. Emphasis is placed on performing first-party, second-party, and third-party audits in accordance with ISO 19011 and ISO/IEC 17021-1 principles.

🎯 Course Objectives:

By the end of the course, participants will be able to:

  • Understand the key concepts and framework of ISO/IEC TS 27100:2020
  • Assess the effectiveness of cybersecurity governance in an organization
  • Plan, conduct, report, and follow up on cybersecurity audits
  • Evaluate an organization’s response to threats and vulnerabilities
  • Demonstrate compliance with ISO/IEC TS 27100 in the context of ISO 27001 audits
  • Lead an audit team using ISO 19011 audit techniques

🎯 Target Audience:

This course is ideal for:

  • Cybersecurity professionals and risk managers
  • Information Security Managers (ISMs)
  • Lead Auditors or Internal Auditors
  • IT/IS Consultants
  • Professionals involved in GRC (Governance, Risk, and Compliance)
  • Those seeking to qualify as ISO/IEC TS 27100 Lead Auditors

📖 Reference Standards:

  • ISO/IEC TS 27100:2020 – Cybersecurity – Overview and Concepts
  • ISO/IEC 27001:2022 – Information Security Management
  • ISO/IEC 27032:2012 – Cybersecurity Guidelines
  • ISO/IEC 27005:2022 – Information Security Risk Management
  • ISO 19011:2018 – Guidelines for Auditing
  • ISO/IEC 17021-1:2015 – Conformity Assessment Requirements for Auditing Bodies

🧠 Expected Outcomes:

After successful completion, participants will:

  • Understand cybersecurity fundamentals, including threat types and actors
  • Conduct effective audits of cybersecurity controls and governance
  • Evaluate compliance with ISO/IEC TS 27100 concepts
  • Lead an audit team and manage audit programs
  • Receive a Lead Auditor Certificate (exam-based)

Course Structure:

📅 Day 1 – Introduction to Cybersecurity & ISO/IEC TS 27100

  • Cybersecurity scope and principles
  • Introduction to ISO/IEC TS 27100:2020
  • Relationship to ISO/IEC 27001 and other frameworks
  • Cybersecurity domains and terminology
  • Threat actors, attack vectors, and vulnerabilities
  • Cybersecurity lifecycle and control categories

Activities:

  • Case study review of recent cyber incidents
  • Group exercise: Identify gaps in cyber coverage

📅 Day 2 – Cybersecurity Risk & Governance Frameworks

  • Risk management in cybersecurity (ISO/IEC 27005 approach)
  • Cyber governance vs. IT governance
  • Regulatory & legal landscape overview (NIS, GDPR, etc.)
  • Integrating TS 27100 into ISMS (ISO 27001)
  • Maturity models and cybersecurity capability assessments

Activities:

  • Risk identification and mitigation workshop
  • Interactive group discussion: Applying 27100 in different sectors

📅 Day 3 – Audit Process, Planning & Execution

  • Overview of ISO 19011 auditing guidelines
  • Audit planning: scope, objectives, and team roles
  • Document review and audit checklist development
  • Conducting opening meetings and interviews
  • Evidence collection, audit techniques (sampling, triangulation)
  • Managing audit findings and nonconformities

Activities:

  • Role-play simulation: Audit interviews and observations
  • Workshop: Drafting audit plan and checklist

📅 Day 4 – Audit Reporting, Nonconformities & Exam

  • Audit reporting: structure and key content
  • Follow-up and corrective action verification
  • Presenting findings professionally
  • Auditor code of ethics and behavior
  • Final written Lead Auditor Examination
  • Course wrap-up and Q&A

Activities:

  • Final practical audit simulation (team-based)
  • Multiple-choice and scenario-based certification exam

📅 Day 5 – Examination

  • Final course review
  • Final exam: multiple-choice and scenario-based questions

🧪 Training Methodologies:

  • Interactive lectures with real-world examples
  • Workshops and breakout sessions
  • Case studies based on real cyber incidents
  • Mock audits and team simulations
  • Quizzes & review sessions for exam readiness
  • Final day proctored exam and certification

Duration: 5 Days

Delivery Options: 

Frequently Asked Questions: https://cognicert.com/faqs/

Who Is This Course For?

  • Quality managers and management system professionals seeking Lead Auditor or Lead Implementer status
  • Consultants advising organisations on standards implementation and compliance
  • Internal auditors looking to formalise and internationally recognise their skills
  • Professionals in regulated industries requiring evidence of independent competence
  • Individuals building a career in certification, auditing, or standards consultancy

No prior certification experience is required. Basic knowledge of management systems is beneficial.

Course Contents

01 Introduction & Standards Background

History, purpose, and structure of the standard. Key requirements and terminology.

02 Planning & Implementation

How to plan and execute a management system implementation aligned to the standard.

03 Audit Principles & Process

Audit types, planning, conducting, and reporting. Evidence-based auditing techniques.

04 Non-Conformities & Corrective Action

Identifying non-conformities, root cause analysis, and verifying corrective actions.

05 Assessment & Certification

Examination format, competency assessment, and the path to professional certification.

Pricing & Enrolment

Online Training

Live instructor-led sessions delivered online. Includes course materials, assessment, and certificate on successful completion.

£1,200 per person
  • Live virtual classroom sessions
  • Expert-facilitated instruction
  • Course materials included
  • Online assessment
  • Digital certificate on completion

Group & Corporate Training

Training your team? We offer in-house and group sessions with custom scheduling and volume pricing for organisations of any size.

Custom pricing: contact us for a quote
  • Volume discounts for 5+ delegates
  • In-house delivery at your premises
  • Customised scheduling
  • Dedicated training coordinator
  • Post-training support included