ISO 28000 Lead Auditor
Price range: € 995,00 through € 1.800,00
PECB Certified ISO 28000 Lead Auditor
The PECB Certified ISO 28000 Lead Auditor course enables you to develop the necessary competencies to perform Security Management System (SeMS) audits by applying widely recognized audit principles, procedures, and techniques. The program integrates the ISO/IEC 17021-1 requirements, the ISO 19011 guidelines, and other auditing best practices — equipping you to plan, conduct, and close ISO 28000 conformity assessment audits with confidence.
- Training Days: 5
- CPD Certification (Credits): 31
- Exam Duration: 3 hours
- Retake Exam: Yes (free retake within 12 months)
Description
Why Should You Attend?
As organizations worldwide invest in securing their supply chains and operations, the demand for qualified auditors who can independently assess and validate security management systems is growing rapidly. The PECB ISO 28000 Lead Auditor training course is your pathway to mastering the knowledge and practical skills needed to lead credible, high-quality SeMS audits in any organizational context.
Beyond the theoretical foundations, this course takes a hands-on approach through real-world examples, exercises, and quizzes that reinforce your understanding of every stage of the audit process. You will develop practical expertise in interpreting ISO 28000 requirements from an auditor’s perspective, applying evidence- and risk-based audit methods, leading audit teams, drafting nonconformity reports, and managing complete audit programs.
Attaining the PECB Certified ISO 28000 Lead Auditor credential validates your professional expertise and demonstrates to employers and clients alike that you have the knowledge and skills to audit an SeMS based on ISO 28000. It strengthens your credibility as an independent assessor and opens doors to senior auditing and compliance roles across industries.
Whether you are an auditor, consultant, technical expert, or compliance officer, this course will empower you to:
- Plan, conduct, and close ISO 28000 conformity assessment audits in line with international standards.
- Apply evidence-based and risk-based auditing approaches to real-world security environments.
- Lead audit teams and manage complex audit programs effectively.
- Identify nonconformities, draft findings, and support organizations through corrective action processes.
By joining this course, you are building the expertise needed to become a trusted, internationally recognized ISO 28000 auditor.
Who Should Attend?
This course is intended for, and particularly beneficial to:
- Auditors seeking to perform and lead SeMS audits
- Individuals responsible for maintaining conformity to the ISO 28000 requirements
- Technical experts seeking to prepare for an SeMS audit
- Professionals wanting to pursue a career in management systems conformity assessments
- Security management consultants
- Regulators responsible for ensuring compliance with security standards and regulations
- Management representatives seeking to master the SeMS audit process
Learning Objectives
By the end of this training course, participants will be able to:
- Explain the fundamental concepts and principles of a security management system based on ISO 28000
- Interpret ISO 28000 requirements for an SeMS from the perspective of an auditor
- Evaluate SeMS conformity to ISO 28000 requirements by applying widely recognized audit concepts and principles
- Plan, conduct, and close an ISO 28000 conformity assessment audit in accordance with ISO/IEC 17021-1, ISO 19011, and other auditing best practices
- Manage an ISO 28000 audit program
Course Agenda
- Day 1: Introduction to the SeMS and ISO 28000 — standards and regulatory frameworks, certification process, fundamental security management concepts, overview of ISO 28000 requirements
- Day 2: Audit principles and preparation — fundamental audit concepts, trends and technology in auditing, evidence-based and risk-based auditing, audit initiation, Stage 1 audit
- Day 3: On-site audit activities — Stage 2 audit preparation and execution, communication during the audit, audit procedures, creating audit test plans
- Day 4: Closing of the audit — drafting findings and nonconformity reports, audit documentation and quality review, evaluating action plans, managing an internal audit program
- Day 5: Certification Exam
Examination
The exam fully meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:
- Domain 1: Fundamental principles and concepts of a security management system
- Domain 2: Security management system requirements
- Domain 3: Fundamental audit concepts and principles
- Domain 4: Preparing an ISO 28000 audit
- Domain 5: Conducting an ISO 28000 audit
- Domain 6: Closing an ISO 28000 audit
- Domain 7: Managing an ISO 28000 audit program
Certification
After passing the exam, you can apply for one of the following credentials depending on your professional experience:
| Credential | Professional Experience | Audit Experience |
|---|---|---|
| PECB Certified ISO 28000 Provisional Auditor | None | None |
| PECB Certified ISO 28000 Auditor | 2 years (min. 1 in security management) | 200 hours |
| PECB Certified ISO 28000 Lead Auditor | 5 years (min. 2 in security management) | 300 hours |
| PECB Certified ISO 28000 Senior Lead Auditor | 10 years (min. 7 in security management) | 1,000 hours |
All credentials require signing the PECB Code of Ethics. For more information, please refer to the Certification Rules and Policies.
General Information
- Certification and examination fees are included in the price of the training course.
- PECB will provide over 450 pages of training material with information and practical examples.
- An attestation of course completion worth 31 CPD credits will be issued.
- In case of exam failure, you can retake the exam once for free within 12 months of the initial exam date.
Prerequisites
A basic understanding of ISO 28000 and security management concepts is recommended, though no formal prerequisites are required.
Additional information
| Course | ISO 28000 |
|---|---|
| Duration | 5 days |
| Learning Type | In person, Self-study, Virtual Classroom |
| Vendor | PECB |

