Overview
On this accelerated PECB Certified Lead Application Security Auditor course, you’ll learn how to assess and audit application security practices based on ISO/IEC 27034 and ISO 19011. Through real-world case studies and practical exercises, you'll gain the skills to evaluate secure software development processes, identify vulnerabilities, and recommend improvements.
With application-layer attacks on the rise, this course equips professionals to lead audits that strengthen software security and ensure compliance—helping organizations build more resilient and trustworthy applications.
In just 3 days, you’ll also learn to:
- Explain the fundamental concepts and principles of application security based on ISO/IEC 27034
- Interpret the ISO/IEC 27034 guidelines for application security from the perspective of an auditor
- Evaluate the application security conformity to ISO/IEC 27034 guidelines, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27034 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27034 audit program
At the end of this course, you’ll sit the PECB Certified Lead Application Security Auditor exam and earn your official certification.
Delivered using Firebrand’s proven Lecture | Lab | Review accelerated learning methodology, you’ll get certified in significantly less time than traditional training.
You’ll also receive a PECB digital badge, showcasing your achievement and enhancing your professional credibility in the field of application security and auditing.
Why choose Firebrand?
- Flexible Delivery Options: Choose between classroom-based training or virtual instructor-led sessions, with delivery options to suit your needs and schedule
- Comprehensive Certification Preparation: Covers the PECB exam topics with integrated study materials and practice exercises
- Interactive Learning: Includes workshops, case studies, and group discussions to apply concepts practically
- Experienced Instructors: Led by certified trainers with extensive industry experience
Audience
This training course is intended for:
- Auditors seeking to perform and lead audits of application security processes
- Information security and IT professionals responsible for application security governance
- Consultants and managers involved in application security compliance assessments
- Members of audit teams and individuals preparing for an ISO/IEC 27034 application security audit
Curriculum
- Training course objectives and structure
- Fundamental concepts and principles of application security
- Introduction to the ISO/IEC 27034 family of standards
- Other standards related to the ISO/IEC 27034 family of standards
- ISO/IEC 27034 requirements and guidelines overview
- Targeted level of trust and actual level of trust
- Fundamental audit concepts and principles
- Initial contact and authority
- Audit feasibility, agreements, and constraints
- Planning and preparing for the audit
- Evaluation of the ONF management process
- Evaluation of the Application Security Management Process (ASMP)
- Initial engagement and coordination
- Communication and supervision
- Evidence collection and validation
- Finalizing the audit process and the closing meeting
- Preparing and distributing the audit report, and lessons learned
- Audit follow-up and nonconformity resolution
- Evidence management
Exam Track
At the end of this course, you'll sit the PECB ISO/IEC 27034 Lead Auditor exam, covered by our Certification Guarantee.
- Duration: 180 minutes (3 hours)
- Format: Multiple-choice questions, open book
- Number of Questions: 80
- Pass Score: 70%
- CPD points: 31 CPD points available upon completion
- Digital Badge: PECB have partnered with Credly to offer you the chance of earning a digital badge upon completing your certification.
Competency domains covered during the examination include:
- Domain 1: Fundamental principles and concepts of application security
- Domain 2: Application security audit concepts and principles
- Domain 3: Initiating an application security audit
- Domain 4: Preparing an ISO/IEC 27034 audit
- Domain 5: Conducting an ISO/IEC 27034 audit
- Domain 6: Audit closure and follow-up for application security
After successfully completing the exam, you can apply for your credential. You will receive a certificate once you meet the requirements related to the specified credential.
Prerequisites
Participants who attend this course must be familiar with application security concepts and have in-depth knowledge of application security principles.
What's Included
Your accelerated course includes:
- Accommodation *
- Meals, unlimited snacks, beverages, tea and coffee *
- On-site exams **
- Exam vouchers **
- Practice tests **
- Certification Guarantee ***
- Courseware
- Up to 12 hours of instructor-led training each day
- 24-hour lab access
- Digital courseware **
* For residential training only. Accommodation is included from the night before the course starts. This doesn't apply to online courses.
** Some exceptions apply. Please refer to the Exam Track or speak with our experts.
*** Pass the first time or train again for free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.
Benefits
Seven reasons why you should sit your course with Firebrand Training
- Two training options. Choose between residential classroom-based and online courses
- You'll be certified fast. With us, you’ll be trained in record time
- Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
- Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
- You’ll learn more. A day with a traditional training provider generally runs 9am–5pm, with a nice long break for lunch. With Firebrand, you’ll get at least 12 hours/day of quality learning time with your instructor
- You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
- You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals
*For residential training only. Doesn't apply to online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts

Which Study Mode is right for you?
City Centre
- Official vendor content aligned to certification
- Focused on getting every student ready for their exam
- Live instructor-led
- Extra hands-on labs & review sessions
- Exam preparation & practice tests
- Certification Guarantee
- Exam voucher included
- Attend nationwide
Online Live
- Official vendor content aligned to certification
- Focused on getting every student ready for their exam
- Live instructor-led
- Extra hands-on labs & review sessions
- Exam preparation & practice tests
- Certification Guarantee
- Exam voucher included
- Attend nationwide
- Extended training days
Residential
- Official vendor content aligned to certification
- Focused on getting every student ready for their exam
- Live instructor-led
- Extra hands-on labs & review sessions
- Exam preparation & practice tests
- Certification Guarantee
- Exam voucher included
- Extended training days
- 24-hour lab access
- Food & accommodation included
- Distraction-free
- On-site testing