Resit – Examination Auditor/Lead Auditor program on Information Security Management System based on ISO/IEC 27001:2022

ISO/IEC 27001:2022 international standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

This comprehensive five-day course is structured to provide a basic understanding of ISO/IEC 27001:2022 requirements blended with presentations, case studies, exercises, workshops, and role-plays to ensure that the participant thoroughly learns about the role of an auditor / lead auditor and acquires the expertise needed to perform effective audits.

At the end of this course, you will be able to:

• have essential knowledge and understanding of ISO/IEC 27001:2022
• assess the Information Security Management System of an organization in accordance with the requirements of the ISO/IEC 27001:2022 standard and ensure critical business information and assets are secured.

1. ISMS Concepts and ISO/IEC 27001 Standard

• ISMS concepts and benefits
• Risk assessment and management
• ISO/IEC 27001 standard requirements
• ISMS documentation

2. Auditing Concepts

• Audit objectives and auditing principles
• Types of audits
• Audit methods
• Audit process

3. Roles, Responsibilities, and Competency of Auditors

• Auditor and lead auditor’s responsibilities
• Competency of auditors
• Auditor's qualification and certification
• Auditor evaluation methods.

4. Planning an Audit

• Pre-audit planning
• Reviewing documentation
• Developing an audit plan
• Preparing checklists or working documents
• Communication factors

5. Conducting an Audit

• Opening meeting
• Effective interviewing techniques
• Collecting and verifying objective/audit evidence
• Identifying and recording nonconformities
• Closing meeting
• Do’s and Don’ts of auditing

6. Reporting Audit Results

• Preparing the audit report
• Distributing the audit report

7. Follow-up Actions

• Follow-up actions of an audit
• Corrective action of reporting
• Follow-up scheduling
• Monitoring corrective action

8. CQI IRCA Certification

• Registration process
• Code of conduct

9. Written Examination (Online)

The participant who attended a 5-day course but failed or missed the first attempt exam, is eligible to appear for a Resit examination.

The participant who attended a 5-day course but failed or missed the first attempt, is eligible to appear for a Resit examination within 12 months of their first examination attempt.

Business Benefits from this Course

• Meet legal and regulatory compliance
• Follow a systematic approach to information security
• Improve information security and reduce overall business risk
• Limit IT security costs by reducing the risk of security breaches
• Gain significant marketplace advantage with a strong commitment to information security

TÜV SÜD South Asia as an approved training partner of CQI|IRCA and fulfils all compliances of the course PR373: ISMS ISO/IEC 27001:2022 Lead Auditor holding training course reference No 2544. Participants who score 70% and above in continuous assessment, plus 50% overall in each domain in final written examination will be issued a CQI|IRCA accredited certificate of successful completion of the course, which is a renowned certification and carries worldwide acceptance. Unsuccessful candidates will be issued a certificate of attendance.

Final examination will be conducted Online by CQI|IRCA. Please find exam framework for CQI|IRCA Lead Auditor Training Course as below:

• Exam duration: 1 hour 45 minutes
• Total number of items/questions: 40
• Maximum available: 80
• Learners must achieve the minimum passing mark for each domain and an overall score of 40 marks (50%)
• Open book exam. Learners can access relevant ISO standard during exam (electronic or paper copy permitted)

1. I have not received my login details for the practice questions and/or online exam.
You should have received two emails – one containing your login details for the practice questions portal and the other with your login details for the exam portal.
If you have not received one or both of these emails, please check your junk mail folder.
If you have given your training provider a work email address, please ask your organisation’s IT support to check if the emails have been blocked by the company’s mail server.
If you still have not received your login details, please contact your training provider and ask them to check that they have uploaded your correct email address to the CQI.

2. I have been registered for the wrong exam
If the emails with your login details are showing the wrong exam, please contact your training provider. They will re-upload your details to the CQI with the correct exam information. You will then receive two new emails with the correct login and exam details. Please delete the original emails.

3. How do I log onto the online assessment platform (SARAS)?
Please watch our 'Logging into SARAS' video.
If you have copied your username and password from your login email, in some cases the text formatting will also be copied. This can cause errors and prevent you from logging in. To resolve this issue, you can type your username and password directly into SARAS, or you can copy both to a notepad first making sure all the characters have been copied correctly. This will remove any additional formatting copied with the text, enabling it to be copied into SARAS’s user credential fields.

4. My password isn’t working/I have lost my password.
You can reset your password by using the ‘Forgot Password?’ link. Watch the 'Password issues' video for more information.

5. I can’t log into SARAS as my exam schedule has expired
You have 30 days within which to take your exam. You will receive two emails reminding you to take your exam. If you are unable to complete your exam within this period due to an unexpected event e.g. illness or bereavement, you can request an extension. Please contact your training partner to request a reasonable adjustment.

6. My webcam is not working.
Your camera will not turn on if your browser does not have access to the camera or approval is required to allow the browser to access the camera via the exam portal. Open the site permissions by selecting the icon at the start of the URL and then from the menu use the toggles to give assessment.quality.org permission to access your camera, and microphone and to enable Pop-ups.
Your camera image may also not appear during your exam if another application is accessing the camera. For example, if you still have the ID and headshot capture window open or you have a third-party application like a virtual camera or antivirus. Please check you have closed these windows after successfully submitting your ID and headshot or disabled the third-party applications while accessing the exam.
If your IT set-up includes more than one camera i.e. you have a laptop with an integrated camera and an external webcam this could also potentially cause a problem. If you are using a hybrid laptop or virtual camera they are not permitted and you be disqualified.
How to check your browser camera settings and troubleshoot potential camera issues are explained in our ‘Troubleshooting camera issues’ video.

7. My microphone is not working.
Please watch our video on 'Testing your microphone and troubleshooting microphone issues'
Problems during the exam.

8. How do I share my screen?
You are required to share your entire screen that is displaying the exam player window for the duration of your exam.
When the screen sharing window displays, select Entire Screen and then the screen that displays the exam player as shown below.
For instructions on how to do this please watch our 'Screen sharing' video.

9. What if I lose internet connectivity during the exam?
If you lose internet connectivity during your exam, the exam player will close and your responses to the questions you have already answered will be saved. When your internet connection has resumed and is stable you should log into SARAS again. The exam will restart from the question you were viewing when you were disconnected.
Note that for security reasons you will only be able to restart the exam a limited number of times. If your exam is locked, please complete our online help request form.

10. The questions are not completely visible or are overlapping on my screen.
If the questions or any part of the exam player are not visible due to overlapping, please check your system’s ‘Display Resolution’. The display resolution is accessed via the ‘Display settings’ under ‘Scale and Layout'. The recommended resolution is 1366 x 768 and higher.
If none of the above FAQs answer your query, please complete our online help request form.
Please note email support will be available between 09:00 and 17:00 (UK working hours), Monday to Friday only.

11. When will I get my result?
Once you have completed your exam, the CQI will review the findings from your exam recording and if there are no issues, the results will be available for your training provider to download within 10 UK working days. If you have not received your results within 14 UK working days of taking your exam, please contact your training provider.
If we find evidence of malpractice, you will receive a ‘Disqualified’ result. Please see our Malpractice and Maladministration Policy for further details.
Watch our help videos
We have created a playlist of videos to support you throughout the process. You can view them here.

12. Are there any prerequisites for Resit (2^nd attempt)?
5 days training and result of 1^st attempt is failed, or 1^st attempt of examination missed to appear. However, the students who fail the continuous assessment will not get a chance to retake the final online exam but will have to attend the whole course again.

13. How are the examinations hosted?
Open book online exam with AI remote proctoring.

14. What is the duration of the examination?
The exam duration is 1 hour 45 minutes. For any participant having a physical disability that will place the learner at a substantial disadvantage in an online exam situation, CQI permits an additional time of 30 minutes to complete the exam.

15. What is the passing criterion for a written examination?
Participants must achieve the minimum 50% in each domain and an overall score of 40 marks (50%) to pass the exam successfully.

16. Will I be awarded a certificate for attending the training course?
Certificate of Successful Completion: Will be awarded only if
Participants score 70% and above in the continuous assessment and
Participants achieve the minimum 50% in each domain and an overall score of 40 marks (50%) in the written online exam.
Certificate of Attendance: Will be awarded only if participants who have satisfied the attendance requirement and have not been successful in the online final examination or the continuous assessment component.

17. Will I get a refund if I cancel my enrolment?
Please check Cancellation and Refund Policy page.