The ISO/IEC 27001 certification is aimed at those who are:
- Supporting the implementation, operation or maintenance of an Information Security Management System (ISMS) within an organization.
- Required to audit an Information Security Management System (ISMS) and to have a basic understanding of the standard.
- Working within an organization with an Information Security Management System (ISMS), whether the organization is already certified or is considering certification to the ISO/IEC 27001 standard.
- Preparing for the ISO/IEC 27001 Practitioner – Information Security Officer qualification.
The ISO/IEC 27001 Foundation course covers:
- The scope and purpose of ISO/IEC 27001 and how it can be used.
- The key terms and definitions used in the ISO/IEC 27000 series.
- The fundamental requirements for an Information Security Management System (ISMS) in ISO/IEC 27001 and the need for continual improvement.
- The processes, their objectives and high-level requirements.
- Applicability and scope definition requirements.
- Use of controls to mitigate Information Security risks.
- The purpose of internal audits and external certification audits, their operation and the associated terminology.
- The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.
About the ISO/IEC 27001 Foundation Exam
The ISO/IEC 27001 Foundation exam is a multiple-choice exam. There are 50 questions per paper, with 1 mark per question. The pass mark is 50% (25 marks or more required to pass, out of 50 available). The exam takes 40 minutes and is closed book.