HomeCoursesISO/IEC 27001 Lead Implementer

🔐 ISO/IEC 27001 Lead Implementer

Free training for ISO/IEC 27001 Lead Implementer with a signed certificate. Learn the modules, pass the 10-question exam, EN/FR/AR, no account.

Last updated: June 2026

A free, independent course that teaches how to plan, build, operate and certify an Information Security Management System (ISMS) to ISO/IEC 27001:2022. It walks through the standard's structure (Clauses 4–10 plus the Annex A controls), the implementation project lifecycle, risk assessment and treatment, the Statement of Applicability, internal audit and the certification audit. It is awareness and implementation training only — not the official PECB/BSI course, and it does not itself certify your organisation. The course is organized into 7 modules, ending with a final exam (pass mark 80%). It is free awareness-level training designed for anyone who needs a practical, working understanding of the topic.

What you'll learn

  • What ISO/IEC 27001 Is & the ISMS Concept
  • The Standard's Structure — Clauses 4 to 10
  • Running the Implementation Project (Clauses 4 & 5)
  • Risk Assessment & Treatment (Clause 6)
  • Annex A Controls & the Statement of Applicability
  • Operating the ISMS — Support & Operation (Clauses 7 & 8)
  • Audit, Improvement & Certification (Clauses 9, 10 & beyond)

Learning objectives

  • Explain what an ISMS is and how ISO/IEC 27001:2022 relates to ISO/IEC 27002 and the wider 27000 family
  • Navigate the standard's Harmonized Structure — mandatory Clauses 4 to 10 versus the Annex A reference controls
  • Run an implementation project: context, leadership, scope, gap analysis, planning and resourcing
  • Perform an information security risk assessment and choose risk treatment options
  • Build the Statement of Applicability (SoA) and the risk treatment plan from the 93 Annex A controls in four themes
  • Operate the ISMS using Plan-Do-Check-Act, documented information and competence/awareness
  • Conduct internal audits and management review, and handle nonconformities and corrective action
  • Prepare for the Stage 1 and Stage 2 certification audit and maintain certification through surveillance
  • Sit a 10-question final exam (80% to pass) built from original questions across the whole standard