Certified ISO/IEC 42001 Lead Auditor

ISO/IEC 42001 Lead Auditor is an advanced course designed to develop participants’ ability to audit an Artificial Intelligence Management System (AIMS) against the ISO/IEC 42001 standard. The course focuses on audit principles, planning, execution, reporting and follow-up, enabling participants to conduct effective internal and external audits with confidence and professionalism.

This course combines theoretical audit concepts with practical exercises tailored to AI risk governance and management system auditing. Participants learn how to assess conformity with the ISO/IEC 42001 requirements, use appropriate audit techniques, and communicate audit findings clearly and effectively. The course also prepares delegates for the Lead Auditor certification exam and equips them with skills to contribute to organisational improvement initiatives and compliance assurance.

Course objectives

Upon completion of the course, participants will be able to:

  • Understand ISO/IEC 42001 audit principles and methodologies
  • Plan and prepare audits that conform to ISO/IEC 42001 requirements
  • Conduct on-site audit activities including interviews, evidence collection and evaluation
  • Report audit findings professionally and constructively
  • Manage audit teams and support continual improvement of AI governance practices

Prerequisites

Participants should have a solid understanding of the ISO/IEC 42001 standard and practical experience with AI risk governance or implementation. Prior completion of ISO/IEC 42001 Lead Implementer or equivalent experience is recommended.

Target audience

This course is suitable for internal and external auditors, compliance professionals, governance specialists, risk managers and consultants who are responsible for auditing or evaluating AI management systems in organisations.

Day 1 - Introduction to ISO/IEC 42001 and audit principles

Participants are introduced to the structure and requirements of ISO/IEC 42001 and the fundamentals of audit principles. The focus is on understanding how AI risk management systems are governed, documented and evaluated through audit activities.

Day 2 - Audit planning and preparation

This section covers how to plan an effective audit, including defining scope and objectives, selecting criteria and evidence types, and preparing audit plans that support compliance with ISO/IEC 42001 requirements.

Day 3 - On-site audit activities

Participants learn how to execute audit tasks such as conducting interviews, gathering and analysing evidence, making audit observations, and applying audit techniques in real-world scenarios.

Day 4 - Closing of the audit

This module focuses on effective communication of audit results, drafting clear and consistent audit reports, and presenting findings to stakeholders. Participants also explore how to handle nonconformities and suggest corrective actions. The final part of the course addresses post-audit activities including corrective action monitoring, assessment of action effectiveness, and how audit results can contribute to organisational learning and improvement.

Day 5 - Certification exam

The fifth day is dedicated to the certification exam.

After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC certifications and the PECB certification process, please refer to the Certification Rules and Policies.

Exam

The exam is will take place at the end of the course on onsite classroom courses

For Virtual courses we will send out a voucher that gives you access to an online exam. This can be booked and taken home monitored by a proctor via camera. More information about the exam rules will be send fromPECB.

Test details:

  • The exam duration is three (3) hours. Non-native speakers receive an additional half an hour.
  • The exam contains essay type questions. 

As the exam is an Multiple Choice, candidates are authorized to use:

  • A copy of the ISO 42001 Standard
  • Course notes from the Participant Handout;
  • Any personal notes made by the student during the course; and
  • A hard copy dictionary

Examination rules and policies

RECEIVE YOUR EXAM RESULTS

Results will be communicated by email in a period of 6 to 8 weeks, after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme which is explained in the course description.

In the case of a failure, the results will be accompanied with the list of domains in which the candidate had failed to provide guidance for exams’ retake preparation.

Candidates, who disagree with the exam results, may file a complaint by writing to examination@pecb.com or through PECB ticketing system.

EXAM RETAKE POLICY

There is no limit on the number of times a candidate may retake an exam. However, there are some limitations in terms of allowed time-frame in between exam retakes, such as:

  • Students, who have completed the full training but failed the written exam, are eligible to retake the exam once for free within a 12 month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required, in order for candidate to sit again for the same exam. Regular fee applies.

For the candidates that fail the exam in the 2nd retake, PECB recommends to attend an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Practical information

Duration: 5 days
Price: 29 900
Language: English
Format: Open course and corporate training

FAQ

Hva lærer jeg på dette kurset?
Du lærer å planlegge, gjennomføre, rapportere og følge opp audits av et Artificial Intelligence Management System (AIMS) i henhold til ISO/IEC 42001. Auditing-teknikker og rapportering er sentralt.

Hva kreves for å delta?
Du bør ha god forståelse av ISO/IEC 42001 og erfaring med AI-styring eller implementering. Lead Implementer-kurs eller tilsvarende erfaring anbefales.

Hvordan gjennomføres eksamen?
Eksamen gjennomføres enten fysisk på kursstedet eller online med voucher og online eksamensvakt.

Hva skjer hvis jeg ikke består første eksamen?
Du får vanligvis ett nytt eksamensforsøk som gjennomføres online.

Får jeg ekstra tid på eksamen?
Ja, ekstra tid gis dersom engelsk ikke er ditt morsmål, i tråd med sertifiseringsregler.

Hvilken sertifisering får jeg?
Etter godkjent eksamen oppnår du PECB Certified ISO/IEC 42001 Provisional Auditor sertifiseringen. For å få full sertifisering kan det også stilles krav til dokumentert arbeidserfaring innen informasjonssikkerhet og ISMS-arbeid. Sjekk tabellen under sertifisering for mer informasjon.

Får jeg ISO-standarden?
Nei, men du får tilgang til relevant kursmateriell som brukes under kurset og eksamen.

Hva er forskjellen på Lead Implementer og Lead Auditor for ISO/IEC 42001?
Lead Implementer fokuserer på å etablere og forbedre et AIMS, mens Lead Auditor er rettet mot å evaluere, vurdere og revidere et eksisterende AIMS i henhold til standardens krav.

Hvor skal jeg starte?
Hvis du er ny til ISO/IEC 42001 anbefales det å begynne med Foundation eller Implementer før du tar Auditor.

Er dette kurset relevant for ledere?
Ja, kurset er relevant for ledere, revisorer, compliance-ansvarlige og konsulenter som jobber med evaluering og forbedring av AI-styringssystemer.

Kan jeg ta dette kurset som e-læring eller selvstudium?
Ja, dette kurset tilbys også som e-læring. Påmelding kan registreres på høyre side.

See other relevant courses 

Other subject areas

Other relevant courses

NIS2 Directive Lead Implementer
2. March
5 days
Classroom Virtual Guaranteed to run
NIS2 Directive Foundation
27. April
2 days
Classroom Virtual
ISO/IEC 27001 Foundation
23. March
2 days
Classroom Virtual
ISO/IEC 27001 Introduction
1 days
Classroom