ISO 27001 Training: Information Security Management Courses
Develop your team’s ISO/IEC 27001:2022 competency with expert-led training — from foundation awareness and implementation through to internal auditor and lead auditor preparation.
ISO 27001 Training from Cianaa
ISO/IEC 27001:2022 is the international standard for Information Security Management Systems (ISMS). With the 2022 revision introducing significant changes to Annex A controls and the structure of the standard, organisations need training that reflects the current version and equips staff to implement, audit, and maintain an effective ISMS.
Cianaa’s ISO 27001 training is delivered by practising ISO 27001 lead auditors and implementers with real-world certification project experience. Our courses are practical and outcomes-focused — giving participants the knowledge and tools they need to apply immediately in their organisations.
Course highlights
- Based on ISO/IEC 27001:2022 — the current version
- Delivered by practising ISO 27001 lead auditors
- Foundation, implementation, internal auditor, and lead auditor levels
- Covers all 93 Annex A controls in ISO 27001:2022
- Aligned to ISO 27002:2022 implementation guidance
- Available on-site, live virtual, or public cohort
- Certificate of completion for all participants
Four certification paths — choose by role and depth.
Foundation
- Understand ISO 27001:2022 structure
- Key changes from the 2013 version
- Overview of Annex A controls
- Core ISMS terminology
Lead Implementer
- Build and document an ISMS end-to-end
- Risk assessment & treatment
- All 93 Annex A controls (2022)
- Statement of Applicability
Internal Auditor
- Plan first/second-party audits
- Audit reporting techniques
- Nonconformity management
- Corrective action processes
Lead Auditor
- Lead third-party certification audits
- IRCA-aligned methodology
- Stage 1 & Stage 2 audit process
- Evidence & nonconformity grading
What This Training Covers
Our ISO 27001 training modules cover the full standard from context and leadership requirements through to Annex A controls and certification audit preparation.
ISO 27001:2022 Structure & Context
High-level structure (HLS), key changes from 2013, organisational context, and interested parties.
Risk Assessment & Treatment
ISO 27001 risk methodology, asset identification, threat/vulnerability analysis, and risk treatment options.
ISMS Scope & Policy
Defining ISMS scope, information security policy, and leadership commitment requirements.
Annex A Controls (2022)
All 93 controls across four themes: Organisational, People, Physical, and Technological.
Statement of Applicability
Developing, justifying, and maintaining the Statement of Applicability (SoA) for certification.
Internal Audit Programme
Planning, conducting, and reporting ISO 27001 internal audits — including nonconformity management.
Management Review
Management review inputs, outputs, and how to demonstrate continual improvement.
Certification Audit Preparation
Stage 1 and Stage 2 audit process, what auditors assess, common nonconformities, and evidence requirements.
Continual Improvement
Corrective action processes, performance measurement, and maintaining ISMS effectiveness post-certification.
How This Training Is Delivered
Cianaa offers flexible delivery options to suit your team’s schedule, size, and location.
On-Site Classroom
Instructor-led training delivered at your premises. Ideal for teams of 6+ who benefit from group discussion and hands-on exercises in a shared environment.
Live Virtual
Instructor-led sessions delivered online via video conference. Fully interactive with Q&A, breakout exercises, and real-time engagement with the trainer.
Public Scheduled Courses
Join a scheduled open cohort alongside participants from other organisations. Ideal for individuals or small teams who want to learn alongside peers from different sectors.
Who Is This Training For?
ISO 27001 training is relevant for security, compliance, IT, and risk professionals involved in implementing or maintaining an ISMS.
Information Security Managers
Professionals responsible for designing, implementing, and maintaining the organisation’s ISMS.
IT & Security Teams
Technical staff implementing Annex A controls and supporting the ISMS documentation and evidence programme.
Internal Auditors
Audit professionals developing the skills to plan and conduct ISO 27001 internal audits.
Risk & Compliance Teams
Professionals managing the risk assessment, risk treatment, and SoA processes within the ISMS.
DPOs & Privacy Officers
Data protection officers using ISO 27001 as a foundation for privacy and data security programmes.
Lead Auditor Candidates
Professionals seeking to qualify as ISO 27001 lead auditors for certification body or consulting roles.
Frequently Asked Questions
Does this training cover ISO 27001:2022?
What is the difference between an internal auditor and lead auditor course?
Can this training support our ISO 27001 certification project?
Is the course accredited?
Certified Through PECB
Cianaa delivers ISO/IEC 27001 training as a partner of PECB, a globally recognized certification body. Our courses follow the official PECB curriculum, and your credential is issued and recognized worldwide.
Build ISO 27001 capability your auditors will actually notice.
Tell us your team size, role mix, and timeline. We’ll recommend the right course level, format, and dates — usually within one business day.
Other training your team might need
See all training →Occupational Health & Safety
OH&S Management System training — from awareness to lead auditor preparation.
View courseEnvironmental Management System
Build environmental compliance and sustainability competency for HSE teams.
View courseBrowse Cianaa Training
Explore Cianaa’s full training catalogue across cybersecurity, ISO standards, and compliance.
View all training