Cianaa Training

ISO 27001 Training: Information Security Management Courses

Develop your team’s ISO/IEC 27001:2022 competency with expert-led training — from foundation awareness and implementation through to internal auditor and lead auditor preparation.

ISO/IEC 27001:2022
Lead-auditor instructors
On-site, virtual, or public
IRCA-aligned
Standard ISO/IEC 27001:2022
93 Annex A Controls
Covered across four themes
37
Organisational
8
People
14
Physical
34
Technological
Aligned to ISO 27002:2022 guidance
Lead-auditor delivered
Practising ISO 27001 instructors
Trusted by security teams across ANZ
About This Course

ISO 27001 Training from Cianaa

ISO/IEC 27001:2022 is the international standard for Information Security Management Systems (ISMS). With the 2022 revision introducing significant changes to Annex A controls and the structure of the standard, organisations need training that reflects the current version and equips staff to implement, audit, and maintain an effective ISMS.

Cianaa’s ISO 27001 training is delivered by practising ISO 27001 lead auditors and implementers with real-world certification project experience. Our courses are practical and outcomes-focused — giving participants the knowledge and tools they need to apply immediately in their organisations.

Course highlights

  • Based on ISO/IEC 27001:2022 — the current version
  • Delivered by practising ISO 27001 lead auditors
  • Foundation, implementation, internal auditor, and lead auditor levels
  • Covers all 93 Annex A controls in ISO 27001:2022
  • Aligned to ISO 27002:2022 implementation guidance
  • Available on-site, live virtual, or public cohort
  • Certificate of completion for all participants
Training Paths

Four certification paths — choose by role and depth.

2-Day · Awareness

Foundation

  • Understand ISO 27001:2022 structure
  • Key changes from the 2013 version
  • Overview of Annex A controls
  • Core ISMS terminology
For: Anyone needing ISMS awareness
Format: Virtual or on-site
Enquire about Foundation
3-Day · Auditing

Internal Auditor

  • Plan first/second-party audits
  • Audit reporting techniques
  • Nonconformity management
  • Corrective action processes
For: Internal Auditors, Risk & Compliance Teams
Format: Virtual / on-site / public
Enquire about Internal Auditor
5-Day · Certification

Lead Auditor

  • Lead third-party certification audits
  • IRCA-aligned methodology
  • Stage 1 & Stage 2 audit process
  • Evidence & nonconformity grading
For: Lead Auditor Candidates, consultants
Format: Public cohort or on-site
Enquire about Lead Auditor
Course Modules

What This Training Covers

Our ISO 27001 training modules cover the full standard from context and leadership requirements through to Annex A controls and certification audit preparation.

ISO 27001:2022 Structure & Context

High-level structure (HLS), key changes from 2013, organisational context, and interested parties.

Risk Assessment & Treatment

ISO 27001 risk methodology, asset identification, threat/vulnerability analysis, and risk treatment options.

ISMS Scope & Policy

Defining ISMS scope, information security policy, and leadership commitment requirements.

Annex A Controls (2022)

All 93 controls across four themes: Organisational, People, Physical, and Technological.

Statement of Applicability

Developing, justifying, and maintaining the Statement of Applicability (SoA) for certification.

Internal Audit Programme

Planning, conducting, and reporting ISO 27001 internal audits — including nonconformity management.

Management Review

Management review inputs, outputs, and how to demonstrate continual improvement.

Certification Audit Preparation

Stage 1 and Stage 2 audit process, what auditors assess, common nonconformities, and evidence requirements.

Continual Improvement

Corrective action processes, performance measurement, and maintaining ISMS effectiveness post-certification.

Delivery Options

How This Training Is Delivered

Cianaa offers flexible delivery options to suit your team’s schedule, size, and location.

On-Site Classroom

Instructor-led training delivered at your premises. Ideal for teams of 6+ who benefit from group discussion and hands-on exercises in a shared environment.

Live Virtual

Instructor-led sessions delivered online via video conference. Fully interactive with Q&A, breakout exercises, and real-time engagement with the trainer.

Public Scheduled Courses

Join a scheduled open cohort alongside participants from other organisations. Ideal for individuals or small teams who want to learn alongside peers from different sectors.

Who Should Attend

Who Is This Training For?

ISO 27001 training is relevant for security, compliance, IT, and risk professionals involved in implementing or maintaining an ISMS.

Information Security Managers

Professionals responsible for designing, implementing, and maintaining the organisation’s ISMS.

IT & Security Teams

Technical staff implementing Annex A controls and supporting the ISMS documentation and evidence programme.

Internal Auditors

Audit professionals developing the skills to plan and conduct ISO 27001 internal audits.

Risk & Compliance Teams

Professionals managing the risk assessment, risk treatment, and SoA processes within the ISMS.

DPOs & Privacy Officers

Data protection officers using ISO 27001 as a foundation for privacy and data security programmes.

Lead Auditor Candidates

Professionals seeking to qualify as ISO 27001 lead auditors for certification body or consulting roles.

FAQ

Frequently Asked Questions

Does this training cover ISO 27001:2022?
Yes. All Cianaa ISO 27001 training is based on ISO/IEC 27001:2022, covering the updated Annex A control set (93 controls across four themes) and the changes from the 2013 version.
What is the difference between an internal auditor and lead auditor course?
An internal auditor course focuses on conducting first or second-party audits within your own organisation. A lead auditor course prepares participants to plan and lead third-party certification audits and is typically required for certification body auditors or independent consultants. Both are available from Cianaa.
Can this training support our ISO 27001 certification project?
Yes. Our implementation-focused courses are designed to directly support organisations going through ISO 27001 certification for the first time or transitioning from the 2013 version. We can also provide in-house customised training focused specifically on your ISMS scope and implementation gaps.
Is the course accredited?
Cianaa issues certificates of completion for all training courses. For internationally accredited lead auditor qualifications (e.g., IRCA-certified), these are delivered through accredited training body partnerships. Contact us to discuss the right qualification pathway for your needs.
★ Official PECB Partner

Certified Through PECB

Cianaa delivers ISO/IEC 27001 training as a partner of PECB, a globally recognized certification body. Our courses follow the official PECB curriculum, and your credential is issued and recognized worldwide.

View on PECB ↗
Ready when you are

Build ISO 27001 capability your auditors will actually notice.

Tell us your team size, role mix, and timeline. We’ll recommend the right course level, format, and dates — usually within one business day.

No obligation · ANZ-based team · Response within 1 business day

Other training your team might need

See all training →
ISO 45001

Occupational Health & Safety

OH&S Management System training — from awareness to lead auditor preparation.

View course
ISO 14001

Environmental Management System

Build environmental compliance and sustainability competency for HSE teams.

View course
All courses

Browse Cianaa Training

Explore Cianaa’s full training catalogue across cybersecurity, ISO standards, and compliance.

View all training