- Domain 1: Fundamental principles and concepts of application security
- Domain 2: Application security audit concepts and principles
- Domain 3: Initiating an application security audit
- Domain 4: Preparing an ISO/IEC 27034 audit
- Domain 5: Conducting an ISO/IEC 27034 audit
- Domain 6: Audit closure and follow-up for application security
The certification requirements for PECB ISO/IEC 27034 Lead Auditor are:
- Planning an audit
- Preparing audit working papers or test plans
- Reviewing documented information
- Conducting opening and closing meetings
- Conducting audit interviews
- Collecting and analyzing audit evidence
- Documenting nonconformities
- Preparing audit reports
- Following up on nonconformities
- Leading an audit team
- Managing an audit program
Certification Rules and Policies
- Certification and examination fees are included in the price of the training course.
- Participants will be provided with the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes.
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- Candidates who fail the exam can retake it for free within 12 months following the initial attempt.
Educational Approach
- This training course contains various activities such as exercises, multiple-choice quizzes, real-life scenarios, and best practices used in the implementation of application security.
- Participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The quizzes are structured to reflect the style and format of the certification exam.
