You must be logged in to take this course  →   |

ISO 27001 Lead Implementer Course

Take our online course to learn all you need to know about ISO 27001, as well as how you can become an independent consultant for the implementation of Information Security Management Systems (ISMS) using ISO 20700. Our course was created for beginners to consulting and information security management, so you don’t need any special knowledge or expertise.

The certificate received upon successfully completing the course exam is proof of your competence as an ISO 27001 practitioner or consultant. Recognized globally, this certification will enhance your career prospects, given that most organizations actively search for professionals with formal certification.

The ISO 27001 Lead Implementer Course is divided into three sections: a video lecture library, an interactive workshop, and an online examination. Each of these will provide you with additional knowledge and get you one step closer to your certification as an ISO 27001 Lead Implementer. In addition, you will receive access to a number of video tutorials on how to write procedures and other documents required by ISO 27001, increasing your confidence as an independent ISO 27001 implementer.

Course Curriculum

Introduction to the course 00:00:00
Module 1 - Introduction to ISO 27001
Introduction & suggested reading 00:00:00
What is ISO 27001? 01:30:00
The structure of ISO 27001 02:30:00
Information security principles 02:30:00
Introduction to the Information Security Management System 02:30:00
Implementing ISO 27001 requirements 03:00:00
Implementing ISO 27001 as a project 01:30:00
Documenting ISO 27001 requirements 03:30:00
ISO 27001 Benefits 02:30:00
Related documentation 00:00:00
Certification FAQs 00:00:00
Recap quiz 00:00:00
Module 2 - The planning phase
Introduction & suggested reading 00:00:00
Understanding your organization and its context [clause 4.1] 02:30:00
Understanding the needs and expectations of interested parties [clause 4.2] 02:00:00
Determining the scope of the ISMS [clause 4.3] 02:00:00
Leadership and commitment [clause 5.1] 02:00:00
Information Security Policy [clause 5.2] 01:00:00
Organizational roles, responsibilities and authorities [clause 5.3] 02:30:00
Information security objectives [clause 6.2] 02:30:00
Resources [clause 7.1] 02:00:00
Competence [clause 7.2] 01:30:00
Awareness [clause 7.3] 01:30:00
Communication [clause 7.4] 01:30:00
Documented information [clause 7.5] 03:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 3 - Risk management
Introduction & suggested reading 00:00:00
Addressing risks and opportunities [clause 6.1.1] 02:00:00
Risk management process [clause 6.1.2] 02:30:00
Information security risk assessment – Risk identification [clause 6.1.2] 03:00:00
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] 03:00:00
Information security risk treatment [clause 6.1.3] 03:00:00
Statement of Applicability [clause 6.1.3] 02:00:00
Risk treatment plan [clause 6.1.3] 00:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 4 - The Do phase
Introduction & suggested reading 00:00:00
Formulating the risk treatment plan [clause 6.1.3] 02:00:00
Implementing the risk treatment plan [clause 8.3] 01:30:00
Operational planning and control [clause 8.1] 02:30:00
Operating the ISMS [clause 8] 01:00:00
Managing outsourcing of operations [clause 8.1] 02:30:00
Controlling changes [clause 8.1] 02:30:00
Risk assessment review [clause 8.2] 02:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 5 - The Check and Act phases
Introduction & suggested reading 00:00:00
Monitoring, measurement, analysis, and evaluation [clause 9.1] 04:00:00
Internal audit [clause 9.2] 03:00:00
Management review [clause 9.3] 03:00:00
Nonconformities and corrective actions [clause 10.1] 04:30:00
Continual improvement [clause 10.2] 02:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 6 - Annex A – Control objectives and controls
Introduction & suggested reading 00:00:00
Introduction to Annex A – Reference control objectives and controls 02:30:00
Structure of Annex A 04:00:00
Information security policies [A.5] 02:00:00
Organization of information security [A.6] 02:30:00
Human resources security [A.7] 01:30:00
Asset management [A.8] 02:30:00
Access control [A.9] 02:00:00
Cryptography [A.10] 02:00:00
Physical and environmental security [A.11] 03:00:00
Operational security [A.12] 03:30:00
Communications security [A.13] 04:00:00
System acquisition, development and maintenance [A.14] 04:30:00
Supplier relationships [A.15] 02:30:00
Information security incident management [A.16] 03:30:00
Information security aspects of business continuity management [A.17] 03:00:00
Compliance [A.18] 03:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 7 - Getting the project approved
Introduction & suggested reading 00:00:00
What is your situation? 00:00:00
For consultants: Get more sales meetings with prospects 00:00:00
How to get the interest of top management in your project? 00:00:00
How to present the project 00:00:00
Other techniques for presenting the project 00:00:00
For consultants: Writing a great proposal 00:00:00
Recap quiz 00:00:00
Module 8 - Prepare for the implementation
Introduction & suggested reading 00:00:00
Define the scope of the project 00:00:00
Key stages of the project 00:00:00
Tips for project management 00:00:00
Estimating the project 00:00:00
Communication 00:00:00
Use of tools 00:00:00
Define roles and responsibilities 00:00:00
Project manager beware 00:00:00
Project documentation 00:00:00
Write a Project Plan 00:00:00
Kick-off meeting 00:00:00
Recap quiz 00:00:00
Module 9 - Implementation of a management system
Introduction & suggested reading 00:00:00
Executing the project work 00:00:00
Work assignment 00:00:00
Managing work assignments and resources 00:00:00
Enabling smooth project execution 00:00:00
Gathering information and recommending changes 00:00:00
Introducing documentation and changes in day-to-day use 00:00:00
Overcoming the resistance to change 00:00:00
Recap quiz 00:00:00
Module 10 - Monitor, control and completing the project
Introduction & suggested reading 00:00:00
Verifying and issuing a status report 00:00:00
Communication about the project status 00:00:00
Monitor and control meeting 00:00:00
Internal audit 00:00:00
Management review purpose 00:00:00
Management review preparation and execution 00:00:00
Acceptance and implementation closure 00:00:00
Recap quiz 00:00:00
Module 11 - Taking the organization for the certification
Introduction & suggested reading 00:00:00
Go for certification or not? 00:00:00
Choose a certification body 00:00:00
Certification process 00:00:00
Stage 1 and Stage 2 audits 00:00:00
Prepare the certification audit 00:00:00
Logistics of the certification audit 00:00:00
Preparing your people for the certification audit 00:00:00
What to expect from the certification auditors 00:00:00
After the certification audit 00:00:00
Recap quiz 00:00:00
Module 12 - Maintaining the certification
Introduction & suggested reading 00:00:00
Keeping the certification 00:00:00
Improving the management system 00:00:00
Top management leadership and example 00:00:00
Keep the management system updated 00:00:00
Until the next surveillance audit 00:00:00
What is the surveillance audit 00:00:00
Recap quiz 00:00:00
Instructions for taking the exam and obtaining the certificate 00:00:00
STEP 1: Watch video lectures

The access to video lectures section of the course is free, so you can obtain all this knowledge at zero cost. The videos are organized into 12 separate modules, with each containing several videos and quizzes to aid your learning, plus a recap quiz that will give you an idea of the types of questions you may see on the certification exam. You may view a list of the module contents in the curriculum above. The video lectures have all been recorded, allowing you to watch them at your convenience, anywhere you like.

This course was created by Carlos Cruz, a veteran consultant of 30 years with experience in leading a variety of companies and organizations in their implementation efforts.

There are two instructors for this course. Garry Cornell has global experience as a senior manager, certification auditor, and consultant helping a wide range of businesses in their implementations of various ISO standards. Dejan Kosutic has extensive experience with information security management system according to ISO 27001 as a trainer, consultant, and ISO 27001 Lead Auditor. He has authored dozens of articles on leading ISO blogs, as well as the ISO 27001 Documentation Toolkit.

ISO 27001 Lead Implementer Course

Type: Online video lectures

Course language: English

STEP 2: Interactive workshop

We don’t expect you to learn all of the skills you need to implement ISO 27001 information security management system in a series of video lectures, so we developed a supplemental workshop to enhance your learning. You can attend this one-day interactive workshop remotely via webinar. The purpose of the workshop is to help you develop the real-life skills needed in an ISMS implementation, using case studies, role playing, etc. You’ll also have the opportunity to develop soft skills helpful in the certification exam and in your new role as consultant.

Check out the times of our live online workshops to find one that fits your schedule. You can attend from your home or workplace.

ISO 27001 Lead Implementer Course

Duration: 1-day workshop

Type: Online webinar

STEP 3: Online certification exam

Once you have watched all of the video lectures, completed the quizzes, and attended the interactive workshop, you may access the certification exam. This is the final step in your certification journey, and because it is online, you may take it at a time and place convenient to you.

Upon successful completion of the examination, you will be presented with a certificate that formally states your competence as an ISO 27001 consultant.

The ISO 27001 Lead Implementer exam fee is already included in the price of the workshop, so you’ll have instant access once your workshop is booked and paid for.

ISO 27001 Lead Implementer Course

Number of question: 40

Type: Online proctored exam

BONUS: ISO 27001 documentation tutorials

After registering for the workshop and examination, we will send you a link to a bonus series of video tutorials designed to help you with ISO 27001 documentation for information security management system. These tutorials will provide guidance on how to complete the core documents required by ISO 27001, making them invaluable to a new ISO 27001 consultant.

You’ll have comprehensive, step-by-step guidance for completing the Information Security Policy, Information Security Manual, Information Security Objectives, Scope of the Information Security Management System, and the other required documentation for your ISO 27001 implementation project.

ISO 27001 Lead Implementer Course

Number of tutorials: 17

Tutorials language: English

Benefits of getting the certificate

A certificate of competence proves that you attended the eTraining course and that you passed the certification exam. This ensures that you understand and can apply the implementation knowledge you gained in each of the course's modules.

How to get certified?

It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Attend the workshop.
3) Pass the online exam.

Bonuses with the certificate

Once you purchase the certificate, you will receive the following bonuses:

Discount badge

SECURE & SIMPLE: A Small-Business Guide to Implementing ISO 27001 On Your Own (eBook)

The plain English, step-by-step handbook for information security practitioners.

In this book, Dejan Kosutic, an author and experienced information security consultant, is giving away all his practical know-how on successful ISO 27001 implementation. No matter if you’re new or experienced in the field, this book gives you everything you will ever need to implement ISO 27001 on your own.

Course Script (PDF)

If you decide to purchase the exam you will get the PDF script from the course completely free. The script includes everything said in the videos and all quizzes.

This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Free exam retake

Once you purchase the exam, you will be able to retake it.

This means, if you do not pass the exam on your first attempt, you can retake it one time, free of charge.

There is no mandatory waiting period between the two attempts.

Practice Exam

With the purchase of the exam, you get access to practice exams. You can use these exams to test your knowledge and familiarize yourself with the exam environment.

The results from the practice exam do not have any effect on the results of the final exam.

Course Reviews

  1. ISO 27001 Lead Implementer Course

    Good you split it up in very short videos. Clear coms by instructors. Advice: add visuals

  2. ISO 27001 Lead Implementer Course

    The course is very informative and helpful. Kudos to you guys

  3. ISO 27001

    These courses are Amazing. It helped me a lot in understanding of ISO 27001. Thanks you so much Dejan Kosutic Sir for this wonderful courses.

  4. ISO 27001 Lead Implementer Course

    This is an excellent course. Very informative. The tutor is highly professional and has excellent skills. The course provides numerous practical examples on how to apply the standard clauses.

  5. ISO 27001 Lead Implementer Course

    The Course was very informative. particularly the detail in respect of the Project Management component. I look forward to identifying more relevant Training and continuing my Journey to ISO Certifications

  6. Review of ISO 27001 Course

    It is an excellent course. The course shed light on ISMS’s knowledge and discussed implementing an ISMS from a project management perspective.
    Thanks for creating such an excellent course.

  7. It was a great learning with a good content.

  8. Awesome presentations

  9. Every bit of information is well presented by simple language that everyone can understand it well.

    I am a big fan of this academy..

  10. A very well presented course with plenty of useful information Re IS0 27001

    Excellent articles and good reading material

  11. Great course

    Very thorough and informative. I feel much more confident and able to implement ISO27001.

  12. Very thorough presentation

    Great articles and thorough presentations, surprisingly all for free.
    Would recommend this course to anyone interested in ISO/would like to apply for certification.

  13. Excellent presentations

    Information is incredible well structured, very easy to follow and very useful for getting a detailed overview over the requirements of ISO 27001 and the necessary steps for implementation.

  14. Great course

    I´m working rigth now to implement ISO 27001, so this course is a great tool to achieve it!!!

  15. Amazing solution

    Haven’t taken the exam yet but definitively looking into it.
    I cannot believe all thoses videos, articles are for free.
    Explanations are very pro, easy to understand and we can refer to it as many times as we want.
    Would I recommend it? Yes! Already did. And no, Advisera doesn’t pay me to write this, it comes from the heart.
    Will continue until finishing up then switch to ISO9001 and GDPR.
    Thanks team for all that. Cheers.

  16. Excelent material!

    This is even better than I expected, it helped me understand not only what the clauses are about but also what is expected from us “on-hands” and tips and tricks to implement ISO 27001 in the simplest way possible, which is still not simple at all, but this tutorial helped clarify a lot.

  17. ISO 27001

    The video is simple to understand and straight to the point. I really enjoyed the tutorial and gain a lot of knowledge from the video. Thank you for the great work.

  18. ISO 27001 implementation videos

    The videos and explanation are pin pointed towards providing minimum desired information about ISO 27001 implementation requirements. Modules related to implementation, project management, add tremendous value – and explain flow of ISMS implementation cycles. Answers to practice questions and practice exams require careful selection.

    Thank you for a great course, shall complete the auditor course in due course.

  19. Excellent

    It was great to learn this course in easy steps…and activities…I got it.

  20. Great Course

    Found it very straightforward and clear to understand.

  21. Great Experience

    Very Much helpful.

  22. View moreShow less

Frequently Asked Questions

There is no time limit, so you can take as long as you need to watch the video lectures. We do, however, recommend that you watch them all within 3–4 weeks so that you get the most benefit from them.

You may access the video lectures at any time. Because the lectures section is a made up of pre-recorded video lectures and freely available practice quizzes, reading, and other resources, you my access them whenever it is convenient.

You don’t need any prior knowledge or experience in the implementation – this course was designed so that a beginner to these topics will understand it.

We have to pay for all of our great resources somehow :). Our video lectures are freely available, but there is a fee required to attend the workshop, take the certification exam, and receive the certificate – but, this fee is highly discounted compared to what you would pay to attend a comparable course in a classroom. In addition, when you pay for the workshop, we will send you a download link to a PDF containing scripts from all of the video lectures, plus practice quizzes, practice tests, and links to extra reading materials. Having access to all of the content from the video lectures will make it much easier to prepare for your workshop and certification exam. You will also be able to access the video tutorials to learn how to write the information security management system documents required by ISO 27001.

To participate in the online workshop, we will send you a special link to connect to the GoToWebinar. All you need is a computer with microphone and speakers.

Completion of all of the video lectures is the only prerequisite.

The certification exam may be taken online, from anywhere. To make this possible, we employ an online proctoring service. Click here to learn more.

After watching all of the video lectures and completing the workshop, you may take the certification exam. If you earn a passing score, you will be issued the certificate. Please note that during the exam, an online proctoring service will verify your identity and ensure that you take the exam without assistance. Click here to learn more about our online proctoring service.

All you need to access the course is your PC, Mac, or mobile device, any major browser (Chrome, Firefox, Internet Explorer, Safari, etc.), and a broadband Internet connection. And, of course, plenty of available time to devote to the course.

The course materials (video lectures, quizzes, reading materials, practice exams, and other resources), along with the skills you learn from the workshop, are all you need to successfully pass the certification exam and receive your certificate.

With your purchase of the certification exam, in addition to having access to the workshop, you will also gain access to a bonus PDF of all the scripts from the video lectures, all of the course questions, readings, access to the practice exams, and a library of video tutorials to guide you through implementation of the mandatory information security management system documentation for ISO 27001.

To learn what ISO 27001 Lead Implementer training looks like, see this article.



  • Exemplar Global logo
    Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL logo
    ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL logo
    DNV GL Business Assurance is one of the leading providers of accredited management systems certification.