ISO/IEC27002 Information Security Foundation (exam included)

There are no formal entry requirements. The course is designed to provide a comprehensive introduction to information security management. Given the close relationship of ISO27002 with ISO27001, we strongly recommend that delegates attend the ISO27001 ISMS Foundation Course prior to taking this course.

Closely aligned with the ISO27001 Standard, ISO27002 serves as a practical guideline for all members of staff as they initiate, implement and maintain an information security programme. An understanding of the best practice guidance as outlined in ISO27002 is essential to ensure the compliance to ISO27001 in any organisation. The ISO27002 ISMS Foundation Course delivers a comprehensive education in ISO27002 best practice and a recognised industry standard certification awarded by EXIN.

During this course, participants will learn, through a number of interactive sessions, the most significant aspects of the ISO27002 standard, its objectives, requirements, value to the organisation, and its relation with the ISO27001 standard as well as with other standards. Additionally, participants will learn about the benefits and improvements that may be achieved by organisations that have an ISO27001-certified ISMS.

Course objectives:

• Learn the importance of confidentiality, integrity and availability of information.
• Learn the types of risks, threats and damages, and the available risk strategies and the security measures you can take.
• Get insight in the security policy and organisation, inclusive code of conduct, ownership, and roles and responsibilities.
• Be able to react to and manage security incidents.
• Learn the various security measures: physical, technical and organisational.
• Be aware of the most important legislations and regulations.

• Introduction to Information Security
  • Information
  • Information Management
  • Reliability Aspects
  • Secure Information Systems Design
  • Operational Processes and Information
  • Information Architecture
• Threats and Risks
  • Risk Management
  • Risk Analysis
  • Threats
  • Damage
  • Strategies
  • Guidelines for Implementing Security Measures
• Approach and Organisation
  • Security policy
  • Information Security Organisation
  • Code of Conduct
  • Business Assets
  • Roles
  • Incident Management
• Security Measures
  • Types of Security Measures
  • Risks and Security Measures
  • Information Classification
  • Physical Security Measures
  • Technical Measures
  • Organisational Security Measures
• Legislation and Regulations
  • Compliance
  • Importance of Legislation and Regulations
  • Information Security Legislation
  • Legislative Acts
  • Information Security Regulations
  • Legislation and Regulations Measures
• ISO/IEC 27000 standards
  • Introduction
  • ISO/IEC 27001
  • ISO/IEC 27002
  • Qualification Scheme
  • Qualification Scheme
  • EXIN contact information
• Exam Description
  • Exam format
  • EXIN’s exam content
  • Tips for answering the exam
• Review, Evaluation and Examination
  • General review
  • Sample exam
  • Sample exam review
  • Course evaluation
  • Course certificate
  • Certification exam

EXIN Information Security Management ISO IEC 27001 Foundation