🛡️ ISO 27001 Lead Auditor (Exam-Prep)
Independent exam-prep over the public ISO/IEC 27001:2022 requirements and ISO 19011 auditing guidelines, with original practice questions and a final exam.
Last updated: June 2026
An independent, free exam-preparation course over the publicly published ISO/IEC 27001:2022 requirements (clauses 4-10 and Annex A) and the ISO 19011 auditing guidelines. Visual lessons cover the ISMS, risk assessment and treatment, the Statement of Applicability, audit principles, planning, evidence and sampling, nonconformities and reporting, the certification cycle, and auditor competence and ethics, finishing with a 10-question exam-style final. This is awareness and preparation material over the public syllabus only; it is NOT the official IRCA/accredited Lead Auditor course or its examination, and implies no affiliation or endorsement. It maps to ISO/IEC 27001 and ISO 19011 (auditing). The course is organized into 12 modules, ending with a final exam (pass mark 70%). It is independent, free exam-preparation training, not an official or accredited review course.
What you'll learn
- ISO/IEC 27001:2022 Overview & ISMS Context (Clause 4)
- Leadership, Policy & ISMS Scope (Clause 5)
- Risk Assessment, Treatment & the Statement of Applicability (Clause 6)
- Support & Operation: Auditing Clauses 7 and 8
- Performance Evaluation & Improvement (Clauses 9–10)
- Annex A Controls: Organizational & People
- Annex A Controls: Physical & Technological
- Audit Principles & ISO 19011 Fundamentals
- Managing an Audit Programme
- Conducting the Audit: Planning, Opening Meeting, Evidence & Sampling
- Nonconformities, Findings, Reporting & Follow-Up
- Auditor Competence, Ethics & Certification Audits (ISO/IEC 17021)
Learning objectives
- Recognise that this is independent ISO 27001 Lead Auditor exam-prep over the public ISO/IEC 27001 and ISO 19011 syllabus, not the official accredited course or its exam
- Explain the ISMS clause structure of ISO/IEC 27001 (4 context, 5 leadership, 6 planning, 7 support, 8 operation, 9 evaluation, 10 improvement) and the PDCA, risk-based approach
- Perform and evaluate information-security risk assessment and risk treatment, including risk acceptance and residual risk
- Describe Annex A and its four 2022 control themes (organizational, people, physical, technological) and justify a Statement of Applicability
- Apply the seven ISO 19011 audit principles and the full audit lifecycle from initiation to follow-up
- Plan and conduct an ISMS audit: scope, criteria, risk-based plan, checklists, objective evidence, sampling and interviewing
- Grade nonconformities (major/minor/OFI), write defensible findings, and outline the ISO/IEC 17021-1 certification cycle (Stage 1/2, surveillance, recertification)
- Manage the audit team and demonstrate auditor competence, independence and ethics
- Sit a 10-question exam-style final (80% to pass) spanning the whole syllabus