Badge holders demonstrate knowledge of how to audit organizations to identify conformity with ISO 27001, how to evaluate the principles of risk management and how to propose appropriate treatments and controls to reduce information security risk. They have knowledge of how to lead organizations through an audit program, direct audit teams in relation to the guidance given in ISO 19011 and how to evaluate the effectiveness of applied corrective actions to maintain ISMS conformity with ISO 27001.