Course description
ISO/IEC 27005 Foundation is a two-day training course that focuses on the information security risk management process introduced by ISO/IEC 27005 and the structure of the standard. It provides an overview of the guidelines of ISO/IEC 27005 for managing information security risks, including context establishment, risk assessment, risk treatment, communication and consultation, recording and reporting, and monitoring and review.
After attending the training course, you can sit for the exam. If you successfully pass the exam, you can apply for the “PECB Certificate Holder in ISO/IEC 27005 Foundation” designation. This certificate demonstrates that you have a general knowledge of ISO/IEC 27005 guidelines for information security risk management.
The training course is participant centered and:
- Contains lecture sessions illustrated with examples and discussions
- Encourages interaction between participants by means of questions and suggestions
- Includes quizzes with similar structure to the exam
Required knowledge
There are no prerequisites to participate in this training course.
Course content
Day 1: Introduction to ISO/IEC 27005 and fundamental concepts of information security risk management
Day 2: Information security risk management and certificate exam
Certification
The exam fully meets the requirements of the PECB Examination and Certificate Programme. It covers the following competency domains:
- Fundamental concepts of information security risk management
- Information security risk management approaches and processes
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.