Course Overview

ISO 27001 is a popular international standard that provides a risk based approach and framework for the effective management of information security within an organization.

Many small and medium sized businesses seek to implement and certify against the standard to enhance their reputation, win new business, and to help comply with regulations, such as GDPR.

On completing this course, you will have gained an in-depth understanding of the standard, as well as having a clear roadmap to the implementation and certification of a formal ISMS in your business.

If you want to know what the standard says, you don't need a course - go read the standard. If you want to know what you actually have to do to get certified without excessive spending or dependancy on consultants, this course is for you.

This is a not a technical course. Good information security management is an integrated business process. That is the essence of an ISO 27001 compliant Information Security Management System (ISMS) and the basis for this course.

.."Lee is extremely enthusiastic about his work, which is infectious. I certainly would recommend him for any training on [ISO 27001]"
- Odai AbdulRahman

Who's this course for?

Small Businesses

Many small and medium sized business want to achieve ISO 27001 certification to win new business or enhance their reputation. With limited resources, that often means doing things yourself. This course will give your team the confidence they need to get started.


Those involved in, or planning the implementation of an ISMS will develop a strong understanding of the core processes and activities that are fundamental to establishing, implementing, operating, and continually improving an effective, ISMS compliant with ISO 27001.


The organization's management and leadership teams have specific responsibilities within the standard, as well as overall responsibility to ensure the ISMS is effectively implemented and maintained. This training will provide a high-level understanding of an ISMS and your role within it, as well as an awareness of what it takes to get an organization successfully certified.


Internal audit is a mandatory requirement of ISO 27001. Those involved in the auditing of an ISMS will develop a keen knowledge and understanding of the mandatory requirements of ISO 27001 along with examples of their interpretation.


Bring your knowledge of ISO 27001 up to speed and add Information Security Management Systems to your portfolio of professional services.


If you're considering a change of profession, or just exploring new topics of interest, this course provides an introduction to the big wide world of information security and management systems certification.

Course Facilitator

Hello, I'm Lee! I've worked as an ISO 27001 specialist, project manager, trainer, consultant, and auditor for more than 15 years. In that time, I've supported and worked with numerous client organizations, of all types and sizes, to help implement their Information Security Management System (ISMS) and achieve independent third-party, accredited certification and registration to the international standard.

I've also worked as an employee in the role of an information security manager and CISO, as well as having sat on the other side of the table as a lead auditor for the global certification body, the British Standards Institute (BSI).

Over the years, I've had the privilege of training hundreds of implementers and auditors on the standard, as well as educating and raising awareness to organizational leadership teams.

I am passionate about information security, and especially the ISO/IEC 27001 standard, and I look forward to assisting you and your company on its journey toward formal certification.


Here's what some of Lee's previous students have said..

"Lee is a great ISO 27001 trainer. I would not hesitate in recommending Lee to any organization that wants to learn about the 27001."

  • Hamzeh Kilani

"I attended the 27001 Lead Auditor course in Dubai. Lee was the trainer. Lee delivered the material in such a way that made everything just make sense from the start. He encouraged active participation from all and combined his experience with the material. The interactive sessions were very effective. I would recommend anyone who needs to know anything about 27001 to try and get booked on a course led by Lee."

  • Stephen Mark Serra


"Attending the ISO 27001 Lead Implementer course delivered by Lee was truly one of the best training experiences I've ever had. The depth, breadth, and originality of knowledge and practical experience that Lee shared was truly second to none. It is only with such a rare blend of talent and experience that a training program as vast as the ISO 27001 can be made effective and successful and I am truly privileged to have taken the training with Lee; gaining a tremendous value that will help me immensely in my work. Thanks a million!"

  • Iyad Kloub

"I attended ISO 27001 Lead Implementer training course in which Lee was the trainer. I must say, I loved his teaching style, he ensured active participation of all delegates during the course. I particularly valued the practical examples that he shared during the course. Lee is a true professional."

  • Paul Inyang

"I met Lee in Jordan, where I attended the ISO27001 Lead implementer training course. He demonstrated a high degree of expertise and his presentation was clear and immediately actionable. In addition, his style was open and inviting to questions and willingly gave his time to responding to questions thoroughly. Lee is extremely enthusiastic about his work which is infectious. I certainly would recommend him for any training on this topic."

  • Odai AbdulRahman

"Lee is an excellent ISO27001 tutor. I had limited knowledge about the ISO standards and implementation procedure before I attended the five days Lead Implementer course provided by Lee. This course has enabled me to understand the ISO27001 standard in depth and I am currently working on project plan to implement ISO27001 in Palm Utilities.

Lee's interactive teaching style helped his audience to interact in group exercises and discussions. His knowledge on ISO27001 and overall Information Security is commendable. Not only was he able to respond to the Information Security queries during the course, he provided good examples to help understand the concepts.

I had great time in the ISO27001 training course and look forward for engaging Lee in similar activities. As Information Security student, I highly recommend Lee for ISO27001 training courses and implementation of the standard."

  • Kashif Fateh Dad

Course Curriculum

Available in days
days after you enroll
Available in days
days after you enroll
  Context of the Organization
Available in days
days after you enroll
Available in days
days after you enroll
Available in days
days after you enroll
Available in days
days after you enroll
Available in days
days after you enroll
  Performance Evaluation
Available in days
days after you enroll
Available in days
days after you enroll
  Course conclusion
Available in days
days after you enroll

Course Format

The course is delivered using the popular Teach:able platform and will be available to you 24/7/365.

Access to your first lesson is granted immediately on purchasing. Each following lesson is delivered on a weekly basis. This is to ensure that you have sufficient time to grasp the concepts presented in the material before moving on, as well provide the time needed for the actions outlined in each section.

On completion you will continue to have access to the entire course so you can go back at any time to review.

Each lesson consists of video lectures, and any supporting documents and templates that can be download.

If you have questions, you can comment below the video. Either ourselves, or someone else in the course can then reply and try to help answer any questions you might have.

Short quizzes are used to test your new found knowledge as you progress through each section of the course.

Special Pre-order Promotion

This is a new course and is currently under development. Therefore, we are offering a special, discounted early-bird pricing to help get the ball rolling.

The course will start once there is enough interest, and each new lesson will be added on a weekly basis.

Content will be created and released regularly, as we create it, taking into consideration any feedback.

Once the course has been fully completed, this offer will end and the cost will increase to its full price.

By signing up today, you will have full access to the course content as it is added, as well as any changes and updates that are added at a later time.

To take advantage of this offer today - use the coupon code 27KPRESALEOFFER at checkout to get a massive 70% off!

Reserve Your Spot


ISO 27001 Implementation for the Small Business

A DIY approach to achieving formal 3rd-party certification

This course will take the participant through the practical steps to implement an ISO/IEC 27001 Information Security Management System (ISMS) and successfully achieve formal 3rd-party certification.

Use the coupon code at checkout to receive the pre-order discount: 27KPRESALEOFFER


What is your refund policy?

We think you're gonna love it! However, if don't find the course meets your expectations then you can request a full refund within 30 days of your purchase.

The new version of ISO 27001 is coming out soon, should I just wait?

When the new version of the standard comes out (perhaps in 2022), the content of this course will be updated and you will have access to the new material. So, two courses for the price of one really.

Will I receive an accredited qualification?

There are many professional training companies offering certification at the completion of training. This is not one of them. Those courses often focus their efforts on teaching you the answers to exam questions, as their goal is for you to pass an exam. This training is not designed for professionals seeking certifications to add to their resume. Instead, we want this training to be practical for the do-it-yourself small business, where having an in-depth understanding of the subject is the main purpose for attending. That said, a certificate of attendance will be issued when you complete the course.