ISO/IEC 27002 Information Security Controls – Training Courses
What Is ISO/IEC 27002?
ISO/IEC 27002 is an international standard that provides guidelines for selecting and implementing information security controls and for implementing information security standards and practices. It is applicable to organizations of all industries or sizes. ISO/IEC 27002 can be used to develop information security management guidelines tailored to the specific context of an organization.
Originally published in 2005 and then updated in 2013, ISO/IEC 27002 was again revised and published in 2022. This new version provides a list of information security controls generally practiced in the information security industry, along with guidelines for their implementation. ISO/IEC 27002 provides four categories of information security controls: organizational (clause 5), people (clause 6), physical (clause 7), and technological (clause 8).
ISO/IEC 27002 Foundation
ISO/IEC 27002 Foundation training course provides information on the fundamental concepts of information security, cybersecurity and privacy based on ISO/IEC 27002.
Why Should You Attend?
ISO/IEC 27002 Foundation training course enables participants to learn the basic concepts related to the implementation and management of information security controls based on the guidelines of ISO/IEC 27002. Through this training course, participants will be able to identify the information security controls of ISO/IEC 27002 that are categorized into four themes: organizational, people, physical, and technological. The training course also provides information on how ISO/IEC 27002 is related with other standards, such as ISO/IEC 27001 and ISO/IEC 27003.
The training course is followed by an exam. If you pass, you can apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. This certificate demonstrates that you have a general knowledge of ISO/IEC 27002 information security controls.
Who Can Attend?
This training course is intended for:
- Managers and consultants seeking to know more about information security controls of ISO/IEC 27002
- Professionals engaged in or responsible for information security management
- Individuals seeking to gain knowledge about the main processes of an information security management system and information security controls
- Individuals interested to pursue a career in information security
Learning Objectives
By successfully completing this training course, you will be able to:
- Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
- Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Interpret the ISO/IEC 27002 organizational, people, physical, and technological controls in the specific context of an organization
Educational Approach
- This training course contains lecture sessions that are illustrated with practical questions and examples.
- The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The structure of quizzes is similar to that of the certificate exam.
Prerequisites
There are no prerequisites to participate in this training course.
Course agenda.
-
Day 1: Introduction to ISO/IEC 27002 and organizational controls
Day 2: People, physical, and technological controls and certificate exam
Examination
This course is taught in partnership with PECB. The exam fully meets the requirements of the PECB Examination and Certificate Program. It covers the following competency domains:
Domain 1: Fundamental principles and concepts of information security, cybersecurity, and privacy
Domain 2: Information security controls based on ISO/IEC 27002
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
-
Upon the successful completion of the exam, you can apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. The certificate requirements for ISO/IEC 27002 Foundation are:
Designation Exam Professional experience MS audit/assessment experience ISCMS project experience Other requirements PECB Certificate Holder in ISO/IEC 27002 Foundation Pass the PECB ISO/IEC 27002 Foundation exam None None None Signing of the PECB Code of Ethics
General Information
- Certificate and examination fees are included in the price of the training course.
- Training material containing over 200 pages of information and practical examples will be distributed.
- An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case of exam failure, you can retake the exam within 12 months for free.
For additional information, please contact us at info@globalskillsfactory.fi
