PECB-820-2 ISO/IEC 27001 LA Exam Preparation Guide
Page 2 of 16
The objective of the “Certified ISO/IEC 27001 Lead Auditor” examination is to ensure that the
candidate has the knowledge and the skills to plan and perform an Information Security
Management System (ISMS) audit compliant with the ISO/IEC 27001:2013 standard, to master
audit principles and techniques, and to manage (or be part of) audit teams and audit programs.
The target population for this examination is:
Auditors wanting to perform and lead an Information Security Management System (ISMS)
audit as responsible of an audit team
Project managers or consultants wanting to master the Information Security Management
System audit process
Persons responsible for the Information security or conformity in an organization
Members of an information security team
Expert advisors in information technology
Technical experts wanting to prepare for an Information security audit function
The exam content covers the following domains:
Domain 1: Fundamental principles and concepts of information security (IS)
Domain 2: Information Security Management System (ISMS)
Domain 3: Fundamental audit concepts and principles
Domain 4: Preparation of an ISO/IEC 27001 audit
Domain 5: Conduct of an ISO/IEC 27001 audit
Domain 6: Closing an ISO/IEC 27001 audit
Domain 7: Managing an ISO/IEC 27001 audit program
