The purpose of the ISO 27001 Practitioner – Information Security Officer qualification is to confirm whether the candidate has achieved sufficient understanding of ISO/IEC 27001 and its application in a given situation. A successful ISO 27001 Practitioner – Information Security Officer candidate should, with suitable direction be able to start applying the International Standard to enable the management of information security but may not be sufficiently skilled to do this appropriately for all situations.
Their individual information security expertise, complexity of the information security management system and the support given for the use of ISO/IEC 27001 in their work environment will all be factors that impact what the Practitioner – Information Security Officer can achieve.
Candidates must exhibit the competences required for the foundation qualification and show that they can apply ISMS concepts to achieve the objectives and requirements of ISO/IEC 27001 and supporting standards within an organizational context.
The ISO 27001 Practitioner – Information Security Officer training course will help candidates to:
- Apply the principles of ISMS policy and its information security scope, objectives, and processes within an organizational context;
- Apply the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security;
- Analyze and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement;
- Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS;
- Understand, create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001;
- Identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001.
An ISO/IEC 27001 Foundation Training and Certification certificate (or equivalent if accepted by APMG) is a pre-requisite for the ISO 27001 Practitioner – Information Security Officer qualification.
This qualification is aimed at those who are:
- Internal managers and personnel working to implement, maintain and operate an ISMS within an organization;
- External consultants supporting an organization’s implementation, maintenance and operation of an ISMS;
- Internal auditors who are required to have an applied knowledge of the standard
The ISO 27001 Practitioner Exam (by APMG-International) is structured in the following way:
- Objective Testing
- 4 questions per paper with 20 marks available per question
- 40 marks or more required to pass (out of 80 available) – 50%
- 2 ½ hour duration
- Open book
Cybiant offer the following learning options for this course:
Self-Paced-Online Learning - 3 months access
If your a choosing the Self-Paced-Online (SPO) learning option, you will complete the course on your own time, in your own pace. Cybiant will provide you with access to an online learning environment where you can watch videos, and practice with sample questions. The SPO option provides access for 3 months, and includes the official exam.
Virtual Training - 2x2hours per day
If you are choosing the virtual training learning option, you will participate in a live course by a Cybiant instructor, which is delivered 100% online. You will receive meeting invitations to participate in the live lectures through the Zoom platform. There will be 2 x 2-hour sessions per day, so this option does provide you with flexibility to plan some other work. All sessions are recorded, in case you miss any of the session. All virtual training courses include the official examination, which will be taken online on the last day of class.
Classroom Training - full day
If you are choosing the classroom training option, you will participate in this training in a live class in a 5-star hotel. This training option provides you with the opportunity to discuss topics in detail with other course participants, and learn from their experience. You will be trained by one of our Cybiant experts, and will complete the exam on the last day of class. Training is conducted daily, based on the following time schedule:
Start time: 09:00 UTC+08
End time: 17:00 UTC+08