Great Learning is the Authorized Training Partner of PECB.
Course Duration: 24 hours, 8 sessions of 3 hours each
Course Fee: HKD12,000 (includes exam fee of HKD4,000)
Language of Delivery: Cantonese with English Terms


ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline towards continually reviewing the safety of your information, which will exemplify reliability and add value to services of your organization.
ISO/IEC 27001 assists you to understand the practical approaches that are involved in the implementation of an Information Security Management System that preserves the confidentiality, integrity, and availability of information by applying a risk management process. Therefore, implementation of an information security management system that complies with all requirements of ISO/IEC 27001 enables your organizations to assess and treat information security risks that they face.
Certified ISO/IEC 27001 individuals will prove that they possess the necessary expertise to support organizations implement information security policies and procedures tailored to the organization’s needs and promote continual improvement of the management system and organizations operations.
Moreover, you will be able to demonstrate that you have the necessary skills to support the process of integrating the information security management system into the organization’s processes and ensure that the intended outcomes are achieved.
The ISO/IEC 27001 Auditor certifications are credentials for professionals needing to audit an Information Security Management System (ISMS) and, in case of the ISO/IEC 27001 Lead Auditor” Certification, able to manage a team of auditors.
The principal competencies and knowledge skills needed by the market are the ability to proficiently plan and perform audits compliant with the certification process of the ISO/IEC 27001:2013 standard and to master the audit techniques and to manage (or be part of) audit teams and audit program.
Module 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001
- Normative, regulatory and legal framework related to information security
- Fundamental principles of information security
- ISO/IEC 27001 certification process
- Information Security Management System (ISMS)
- Detailed presentation of the clauses 4 to 8 of ISO/IEC 27001
Module 2: Planning and Initiating an ISO/IEC 27001 audit
- Fundamental audit concepts and principles
- Audit approach based on evidence and on risk
- Preparation of an ISO/IEC 27001 certification audit
- ISMS documentation audit
- Conducting an opening meeting
Module 3: Conducting an ISO/IEC 27001 audit
- Communication during the audit
- Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
- Audit test plans
- Formulation of audit findings
- Documentation non conformities
Module 4: Concluding and ensuring the follow-up of an ISO/IEC 27001 audit
- Audit documentation
- Quality review
- Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
- Evaluation of corrective action plans
- ISO/IEC 27001 Surveillance audit
- Internal audit management program
Module 5: Certification Exam
- Auditor wants to perform and lead an Information Security Management System (ISMS) audits as the responsible of an audit team
- Project manager or consultant wanting to master the Information Security Management System audit process
- Person responsible for the Information security or conformity in an organization
- Member of the information security team
- Expert advisor in information technology
- Technical expert wanting to prepare for an Information security audit function
Number of Questions: 12 Questions
Exam Duration: 3 Hours
Exam Format: Essay, Open Book
Exam Location: Great Learning Education Centre
Passing Mark: 70%
In case of failure, participants are entitled to retake an additional free exam under certain conditions.
Accredited course material
- Great Learning is the Authorized Training Partner of PECB
- Great Learning has solid experience in delivering PECB ISO courses.
- Most ISO training providers deliver courses just in office hours. We offer study schedule during both office and non office hours.
- Unlimited re-sit within 2 years. All lessons can be re-sit, refreshing your knowledge all the way.
- We are the IT technical and management specialists, highly experienced in delivering complicated and conceptual knowledge in an effective way.