ISO/IEC 27034 Lead Application Security Auditor Course


The ISO/IEC 27034 Application Security Auditor certifications are credentials for professionals who need to audit against ISO/IEC 27034 (Information technology – Security techniques – Application security) and, in the case of the “ISO/IEC 27034 Lead Application Security Auditor” certification, who are able to manage a team of auditors.

The principal competencies and knowledge the market requires are the ability to plan and perform audits proficiently in compliance with the certification process of the ISO/IEC 27034:2011 standard, to master audit techniques, and to manage (or be part of) audit teams and audit programs.

Various professions may apply for this certification:

  • Internal auditors
  • Auditors wanting to perform and lead IT – Security techniques – Application Security audits
  • Project managers or consultants who want to master the IT – Security techniques – Application Security audit process
  • CxO and senior managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in Information Technology
  • Technical experts wanting to prepare for an Application Security audit function

The requirements for “Auditor” certifications are:

| Credential | Exam | Professional experience | MS audit/assessment experience | Other requirements |
|---|---|---|---|---|
| ISO/IEC 27034 Provisional Application Security Auditor | PECB Certified ISO/IEC 27034 Lead Application Security Auditor exam or equivalent | None | None | Signing the PECB code of ethics |
| ISO/IEC 27034 Application Security Auditor | PECB Certified ISO/IEC 27034 Lead Application Security Auditor exam or equivalent | Two years: One year of work experience in related field | Audit activities totaling 200 hours | Signing the PECB code of ethics |
| ISO/IEC 27034 Lead Application Security Auditor | PECB Certified ISO/IEC 27034 Lead Application Security Auditor exam or equivalent | Five years: Two years of work experience in related field | Audit activities totaling 300 hours | Signing the PECB code of ethics |

If an applicant does not meet all the requirements for the ISO/IEC 27034 Lead Application Security Auditor credential, he/she may apply for the ISO/IEC 27034 Application Security Auditor or ISO/IEC 27034 Provisional Application Security Auditor credential instead.

For certification purposes, the following audit types constitute valid audit experience: 

  1. Pre-assessment/pre-audit
  2. Gap analysis
  3. Internal audits
  4. Second party audits
  5. Third/external audits
  6. Opinion audit

To be considered valid, these audits should follow best audit practices and include most of the following activities:

  1. Audit planning
  2. Audit interview
  3. Managing an audit program
  4. Drafting audit reports
  5. Drafting non-conformity reports
  6. Drafting audit working documents
  7. Documentation review
  8. On-Site Audit
  9. Non-conformity follow-up actions
  10. Leading a team of auditors
