ISO 27001 Lead Implementer

ISO 27001 lead implementer course, ISO 27001 lead auditor training, ISO 27001 lead auditor certification, ISO 27001 lead auditor exam, information security

ISO 27001 Lead Implementer Training course and certification exam

Mastering the implementation and management of an Information Security Management System (ISMS), based on ISO 27001:2013, with ISO 27001 Lead Implementer training course.


11-Mar-2019, Lisbon   Price | Register       
This five-day ISO 27001 Lead Implementer training course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013.

Participants will also gain a thorough understanding of best practices used to implement the ISMS through organizational context and incorporation of interested parties. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects).

This training is also fully compatible with ISO 27002 (Security Techniques — Code of practice for information security controls), ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO 27005 (Risk Management in Information Security).

Training Methodology
ISO 27001 Lead Implementer training course is based on both theory and practice sessions with:

  • Lectures illustrated with examples based on real cases.
  • Practical exercises based on a full case study including role playings and oral presentations. To benefit from the practical exercises, the number of training participants is limited.
  • Review exercises to assist the exam preparation.
  • Practice test similar to the certification exam.

This course is available to be delivered in a classroom and Live-Training model.
Live Training brings you the dynamic environment of the classroom, to your desk. Using your computer, you interact with the trainer and the trainees as if you were with them in the classroom.

  • Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS).
  • ISO 27001 auditors who wish to fully understand the Information Security Management System implementation process.
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks.
  • Members of an information security team.
  • Expert advisors in information technology.
  • Technical experts wanting to prepare for an information security function or for an ISMS project management function.
ISO 27001 Foundation Certification or a basic knowledge of ISO 27001:2013 is recommended, however not mandatory since on the first day the standard will be introduced.
Learning Objectives
At the end of the course students should be able to:

  • understand the implementation of an Information Security Management System in accordance with ISO 27001:2013.
  • gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System.
  • understand the relationship between the components integrated into organizational context, including risk management, controls and compliance with the requirements of different stakeholders of the organization.
  • acquire necessary expertise in understanding the business context of an organization when implementing the ISO 27001.
  • understand the importance of interested parties (shareholders, authorities, clients, partners etc.).
  • develop knowledge and skills required to advise organizations on best practices in the management of information security.
  • improve the capacity for analysis and decision making in the context of information security management.
  1. Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001; Initiating an ISMS
    • Introduction to management systems and the process approach
    • Presentation of the standards ISO 27001, ISO 27002 and ISO 27003 and regulatory framework
    • Fundamental principles of Information Security
    • Preliminary analysis and establishment of the level of the maturity level of an existing information security management system based on ISO 21827
    • Writing a business case and a project plan for the implementation of an ISMS
  2. Planning the implementation of an ISMS based on ISO 27001
    • Defining the scope of an ISMS
    • Development of an ISMS and information security policies
    • Selection of the approach and methodology for risk assessment
    • Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO 27005)
    • Drafting the Statement of Applicability
  3. Implementing an ISMS based on ISO 27001
    • Implementation of a document management framework
    • Design of controls and writing procedures
    • Implementation of controls
    • Development of a training & awareness program and communicating about the information security
    • Incident management (based on guidance from ISO 27035)
    • Operations management of an ISMS
  4. Controlling, monitoring, measuring and improving an ISMS; certification audit of the ISMS
    • Controlling and Monitoring the ISMS
    • Development of metrics, performance indicators and dashboards in accordance with ISO 27004
    • ISO 27001 internal Audit
    • Management review of an ISMS
    • Implementation of a continual improvement program
    • Preparing for an ISO 27001 certification audit
  5. ISO 27001 Lead Implementer Certification Exam
  • ISO 27001 is an auditable Information Security Management System (ISMS).
  • ISO 27001 allows certification and international recognition of an organization. Allows access to new markets and optimization of operations. Allows improve quality, increase productivity, competitive advantage, customer satisfaction and sales.
  • ISO 27001 Lead Implementer course bases its pedagogical model in a certification program aligned with ISO 17024 standard, which defines the requirements for certification of people, fulfilling the recommendations of ISO.
  • ISO 27001 Lead Implementer course geared towards to the implementation of the standard, through a step-by-step implementation process. Thus, throughout the course, in addition to the basic concepts of ISMS, are presented the steps needed to prepare and start the ISMS implementation project, which includes the selection of the approach, the implementation methodology, among other activities needed to implement the ISMS, based on the methodology presented, including ISMS operation and therefore the control, monitoring and continuous measurement.
  • One of the strengths of the ISO 27001 Lead Implementer course, in addition to inclusion of implementation methodology, is that it allows to prepare professionals for the audit of ISO 27001 certification and the registration in the certifying body. Addresses itself to this end, the recommendations of ISO 19011 and the ISO 17021 – requirements for certification bodies.
  • Certification exam is monitored by an official Behaviour administrator.
  • ISO 27001 Lead Implementer certification exam is conducted at the end of the course, on the last day of training, which focuses on development questions and case studies allowing the certifying entity to measure, more effectively, the knowledge of the candidates.
  • Upon success in the exam, professional will achieve one of the ISO 27001 certifications levels. In case of failure, professional may repeat the exam at no additional cost, within 1 year after the date of the 1st examination.
  • Behaviour Pedagogical Model aims to provide a learning environment conducive to acquisition of competences, in accordance with objectives of each training program. Promoting interaction, participation and appreciation of experiences, we contribute to meaningful learning, certification and international recognition but, above all to the development of critical thinking and autonomy.
  • Behaviour is an organization accredited by DGERT (Portuguese Government Entity) and certified on ISO 9001. Behaviour has its Quality Management System (QMS) implemented in accordance with the requirements of ISO 9001, the requirements of DGERT, the requirements of the European standard NP 4512 and the standard ISO 10015.
The “Certified ISO 27001 Lead Implementer” exam fully covers the following competence domains:

  • Domain 1: Fundamental principles and concepts of information security
  • Domain 2: Information security control best practice based on ISO 27002
  • Domain 3: Planning an ISMS based on ISO 27001
  • Domain 4: Implementing an ISMS based on ISO 27001
  • Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
  • Domain 6: Continual improvement of an ISMS based on ISO 27001
  • Domain 7: Preparing for an ISMS certification audit

The “Certified ISO 27001 Lead Implementer” exam is available in English language.
Duration: 3 hours.
The exam result is sent via email to the candidate within eight weeks after the examination, being the exam result graduated in qualitative note: “Pass or Fail”.
In the case of a failure, the result will be accompanied with the list of domains in which you had a mark lower than the passing grade.

After successfully completing the exam, participants can apply for the credentials: “Certified ISO/IEC 27001 Provisional Implementer”, “Certified ISO/IEC 27001 Implementer” or “Certified ISO/IEC 27001 Lead Implementer”, depending on their level of experience.

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential.

ISO 27001 Lead Implementer certification program is aligned with ISO 17024 standard.

The requirements for the “Lead Implementer” certification are:

Certification Exam Professional Experience ISMS Audit Experience ISMS Project Experience
ISO 27001 Provisional Implementer ISO 27001 LI None None None
ISO 27001 Implementer ISO 27001 LI 2 years
1 year of information security work experience
None Project activities totalling 200 hours
ISO 27001 Lead Implementer ISO 27001 LI 5 years
2 years of information security work experience
None Project activities totalling 300 hours
Our specialists are renowned consultants and auditors, with several years of experience in the areas of implementation, auditing and training in family ISO 27000, with particular focus on standards ISO27001, ISO27005 and their associated standards.
Some of our experts work directly in the improvement of these standards through its participation in the committees responsible for these standards in various countries.
General Information
  • Training in English language.
  • Course manual in English, containing over 450 pages of information and practical examples.
  • Behaviour Participation Certificate of 31 CPD (Continuing Professional Development) credits.
  • Certification exam.
  • Certification Diploma after successful examination and formal process registration. This process has no associated cost.
  • Coffee break in the morning and afternoon (applies to all training that take place in Behaviour facilities).
participants evaluation     4.7 in 5
Dates and Investment


(*) All dates of this course are guaranteed only for the events that take place in Lisbon. In other locations the events are subject to a minimum number of participants.
On Behaviour all courses at Lisbon occur regardless of the number of trainees in room. The concept of setting up classes does not exist in our educational model, which is why all public dates, presented on the website, are guaranteed. So if you’re in Portugal or anywhere else in the world, you can prepare your week or your trip, as long as you ensure your registration in the course.

ISO 27001 Lead Implementer Training course and certification exam

ISO 27001 lead implementer course, ISO 27001 lead auditor training, ISO 27001 lead auditor certification, ISO 27001 lead auditor exam, information security