ISO/IEC 27002 Foundation

ISO/IEC 27002 Foundation training course enables participants to learn the basic concepts related to the implementation and management of information security controls based on the guidelines of ISO/IEC 27002. Through this training course, participants will be able to identify the information security controls of ISO/IEC 27002 that are categorized into four themes: organizational, people, physical, and technological. The training course also provides information on how ISO/IEC 27002 is related with other standards, such as ISO/IEC 27001 and ISO/IEC 27003.

• This training course contains lecture sessions that are illustrated with practical questions and examples.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The structure of quizzes is similar to that of the certificate exam.

There are no prerequisites to participate in this training course. 

• Managers and consultants seeking to know more about information security controls of ISO/IEC 27002
• Professionals engaged in or responsible for information security management 
• Individuals seeking to gain knowledge about the main processes of an information security management system and information security controls
• Individuals interested to pursue a career in information security 

Day 1: Introduction to ISO/IEC 27002 and organizational controls 
Day 2: People, physical, and technological controls and certificate exam

The training course is followed by an exam. If you pass, you can apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. This certificate demonstrates that you have a general knowledge of ISO/IEC 27002 information security controls. 

The exam fully meets the requirements of the PECB Examination and Certificate Programme. It covers the following competency domains:

• Fundamental principles and concepts of information security, cybersecurity, and privacy 
• Information security controls based on ISO/IEC 27002

For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

• Certificate and examination fees are included in the price of the training course.
• Training material containing over 200 pages of information and practical examples will be distributed.
• An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
• In case of exam failure, you can retake the exam within 12 months for free. 

• Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
• Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Interpret the ISO/IEC 27002 organizational, people, physical, and technological controls in the specific context of an organization