ISO / IEC 27002 Foundation

Certification Overview
Exam Information
Course Outline
Target Audience
Registration Process for E-Course and Exam

Certification Overview

ISO / IEC 27002 Foundation

Exam Code: ISO-IEC-Fnd

ISO/IEC 27002 Foundation training enables you to learn the basic elements to implement Information Security Controls as specified in ISO/IEC 27002. During this training course, you will be able to understand how ISO/IEC 27001 and ISO/IEC 27002 are related to ISO/IEC 27003 (Guidelines for the implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

The ISO/IEC 27000 series of standards provides best practice guidelines for information security management,risks, and controls within the context of an overall Information Security Management System. These best practices are not covered in ITIL. ISO/IEC 27002 is closely aligned with the ISO/IEC 27001 Standard and serves as a practical guideline for all members of staff as they initiate, implement and maintain an Information Security Programme.

e-Competence Framework (e-CF)

The mapping of this certificate against the e-Competence Framework. To know more on e-Competence Framework (e-CF) visit, ECF

Exam Information

The exam comprises of 100 Multiple Choice Questions out of which the candidate needs to score 70% (70 out of 100 correct) to pass the exam.

Exams are online and proctored based, using a webcam and a reliable internet connection exams can be taken anywhere and anytime.

The total duration of the exam is 2 hours (120 Minutes).

No external sources of information may be accessed during the exam held via ProctorU. Further details of the materials permitted are provided:

Identification Proof

If a Candidate does not pass the exam in the second (2nd) attempt, the candidate must wait for a period of at least fourteen (14) calendar days from the date of their attempt to retake the exam for third (3rd) time or any subsequent time.
The exam can be taken any number of times.

The ISO/IEC 27002 Foundation Certificate is valid for life.

Displaying your certificate

Remember, when labelling a product or system as certified to an ISO standard:
Don't say: "ISO certified" or "ISO certification"
DO say: "ISO 9001:2008 certified" or "ISO 9001:2008 certification" (for example).

N/A

The ISO/IEC 27002 Foundation Certification has no pre-requisites (Completion of an E-Course is not mandatory from GAQMBok portal), but we highly recommend doing the E-Course as maximum number of questions are drawn from the E-Course in the actual exam.

Download Sample Exam

Course Outline

Topics Covered in the Exam

The Contents Of ISO/IEC 27002 and Its Relationship To ISO/IEC 27001
Key Roles and Responsibilities Of All Staff Responsible For Information Security
Information and Data Relationships (Security, Governance, Assurance)
Defining Threats and Vulnerabilities and Understanding Risk Management
Risk Analysis With An Understanding Of Impacts, Likelihood and Probability
Required Policies and Information Security Plan
External Relationships With 3rd Party Organisations and Individuals
Information Architecture and Data Flows
Protective Marking and The Relationship To Impact (Risk)

Download Brochure

Target Audience

For anyone in an organisation who is interested or responsible for the implementation of an effective Information Security Programme based on ISO/IEC 27002 or ISO/IEC 27001 standards.
It is particularly suited for Managers who are responsible in anyway for the security or availability of confidential information assets.
Members of an information security team
Expert advisors in information technology
Technical experts wanting to prepare for an information security function or for an ISMS project management function

Registration Process for E-Course and Exam

Exam Registration

To Register for an Exam

Click Here

ISO / IEC 27002 Foundation

Certification Overview