Course description
The ISO/IEC 27002 Lead Manager training course enables participants to develop the necessary knowledge and skills for supporting an organization in effectively determining, implementing, and managing information security controls. The training course provides information that will help participants interpret the ISO/IEC 27002 controls in the specific context of an organization.
The PECB ISO/IEC 27002 Lead Manager Certification demonstrates that you have acquired the necessary expertise for determining adequate information security controls needed to treat the risks identified by a risk assessment process.
- The training course is followed by an exam. If you pass, you can apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.
- The training course integrates both theory and practice by guidance and practical examples for the implementation and management of information security controls.
- The training course contains essay-type exercises and multiple-choice quizzes, some of which are scenario-based.
- Participants are encouraged to communicate and discuss with each other while partaking in exercises and quizzes.
- The structure of quizzes is similar to that of the certification exam.
Required knowledge
The main requirements for participating in this training course are having a fundamental understanding of ISO/IEC 27002 and comprehensive knowledge of information security controls.
Course content
Day 1: Introduction to ISO/IEC 27002
Day 2: Information security roles and responsibilities, people controls, and physical controls
Day 3: Information security assets, access controls, and protection of information systems and networks
Day 4: Information security incident management and testing and monitoring of information security controls based on ISO/IEC 27002
Certification
The “PECB Certified ISO/IEC 27002 Lead Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:
- Fundamental principles and concepts of information security, cybersecurity, and privacy
- Information security management system (ISMS) and initiation of ISO/IEC 27002 information security controls implementation
- Implementation and management of organizational and people controls based on ISO/IEC 27002
- Implementation and management of physical and technological controls based on ISO/IEC 27002
- Performance measurement, testing, and monitoring of ISO/IEC 27002 information security controls