ISO 27001 Foundation Training
About the ISO 27001 Foundation Training
ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The ISO 27001 Foundation training will provide an overview of the key elements of the standard.
The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. An organization that conforms to the ISO 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information.
ISO 27001 therefore provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security. Due to the diversity of different organizations’ information assets – the ISO 27001 standard is adaptable according to an organization’s requirements. The design and implementation of the ISMS is tailored to the organization’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements.
ISO 27001 Foundation Learning Objectives
The purpose of the ISO 27001 Foundation qualification is to confirm that a candidate has sufficient knowledge of the contents and high level requirements of the ISO 27001 standard, and understands at a foundation level how the standard operates in a typical organization.
The ISO 27001 Foundation qualification is designed to provide the basic knowledge of IS 27001 required as a pre-requisite for the ISO 27001 Practitioner – Information Security Officer qualification.
The ISO 27001 Foundation training course will help candidates to:
- The scope and purpose of ISO 27001 and how it can be used;
- The key terms and definitions used in the ISO 27000 series;
- The fundamental requirements for an ISMS in ISO 27001 and the need for continual improvement;
- The processes, their objectives and high level requirements;
- Applicability and scope definition requirements;
- Use of controls to mitigate Information Security risks;
- The purpose of internal audits and external certification audits, their operation and the associated terminology;
- The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.
There is no pre-requisite for the Foundation qualification but an interest and/or background in information security or service management would be an advantage.
ISO 27001 Foundation Target Audience
This qualification is aimed at those who are:
- Supporting the implementation, operation or maintenance of an ISMS within an organization
- Required to audit an ISMS and to have a basic understanding of the standard
- Working within an organization with an ISMS, whether the organization is already certified or is considering certification to ISO 27001
- Preparing for the ISO 27001 Practitioner – Information Security Officer qualification
Frequently Asked Questions
The ISO 27001 Foundation Exam (by APMG-International) is structured in the following way:
- Multiple choice format
- 50 questions per paper
- 25 marks or more required to pass (out of 50 available) – 50%
- 40-minute duration
- Closed book
Yes. If you have a group of participants, Cybiant can deliver this training in-house. Please contact us through the chat window or through our contact page for a quotation and delivery options.
Yes, an additional 10 minutes can be added to the exam time for nonnative English speakers.
This course is delivered in a classroom, in-house or virtual classroom format.