What is ISO/IEC 27001?
ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline towards continually reviewing the safety of your information, which will exemplify reliability and add value to services of your organization.
Why is Information Security important for you?
ISO/IEC 27001 assists you to understand the practical approaches that are involved in the implementation of an Information Security Management System that preserves the confidentiality, integrity, and availability of information by applying a risk management process. Therefore, implementation of an information security management system that complies with all requirements of ISO/IEC 27001 enables your organizations to assess and treat information security risks that they face.
Certified ISO/IEC 27001 individuals will prove that they possess the necessary expertise to support organizations implement information security policies and procedures tailored to the organization’s needs and promote continual improvement of the management system and organizations operations.
Moreover, you will be able to demonstrate that you have the necessary skills to support the process of integrating the information security management system into the organization’s processes and ensure that the intended outcomes are achieved.
Benefits of ISO/IEC 27001 Information Security Management
PECB ISO/IEC 27001 Certificate will prove that you have:
- Obtained the necessary expertise to support an organization to implement an Information Security Management System that complies with ISO/IEC 27001
- Understood the Information Security Management System implementation process
- Provide continual prevention and assessments of threats within your organization
- Higher chances of being distinguished or hired in an Information Security career
- Understood the risk management process, controls, and compliance obligations
- Acquired the necessary expertise to manage a team to implement an ISMS
- The ability to support organizations in the continual improvement process of their Information Security Management System
- Gained the necessary skills to audit organization’s Information Security Management System
How do I get started with ISO/IEC 27001 Training?
Interested in expanding your knowledge and advancing your skills on Information Security? PECB experts are here to ease the certification process and help you obtain PECB Certified ISO/IEC 27001 Credentials.
Why should you attend?
ISO/IEC 27001:2022 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in ISO/IEC 27001:2022. During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.
After completing this course, you can sit for the exam and apply for the “PECB Certificate Holder in ISO/IEC 27001:2022 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.
Who should attend?
- Managers and consultants seeking to know more about information security
- Professionals wishing to get acquainted with ISO/IEC 27001:2022 requirements for an ISMS
- Individuals engaged in or responsible for information security activities in their organization
- Individuals wishing to pursue a career in information security
Learning objectives
- Describe the main information security management concepts, principles, and definitions
- Explain the main ISO/IEC 27001:2022 requirements for an information security management system (ISMS)
- Identify approaches, methods, and techniques used for the implementation and management of an ISMS
Educational approach
- Lecture sessions are illustrated with practical questions and examples
- Practical exercises include examples and discussions
- Practice tests are similar to the Certificate Exam
Prerequisites
None
Course agenda
- Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001:2022
- Day 2: Information Security Management System requirements and Certificate Exam
Examination
- The exam fully meets the requirements of the PECB Examination and Certificate Programme. It covers the following competency domains:
- Domain 1: Fundamental principles and concepts of an Information Security Management System (ISMS)
- Domain 2: Information Security Management System (ISMS)
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
Certificate requirements
- First, a candidate needs to complete the PECB ISO/IEC 27001:2022 Foundation training course. Then, they need to take the exam and after successfully passing the exam, candidates will be able to apply for the “PECB Certificate Holder in ISO/IEC 27001:2022 Foundation” certificate.
- This is an entry-level credential.There are no prerequisites on professional or management system project experience required. Thus, following the training course, passing the exam and applying for the certificate are the only certificate program requisites that certificate holders shall meet before obtaining the certificate.For more information, please refer to the Certification Rules and Policies.
- The certificate requirements for the ISO/IEC 27001:2022 Foundation are:
| Designation | Training Course | Exam | Professional experience | MS audit/assessment experience | ISMS project experience | Other requirements |
| PECB Certificate Holder in ISO/IEC 27001:2022 Foundation | Complete the PECB ISO/IEC 27001:2022 Foundation Training Course | Pass the PECB ISO/IEC 27001:2022 Foundation exam | None | None | None | Signing the PECB Code of Ethics |
General Information
- Certificate and examination fees are included in the price of the training course
- Training material containing over 200 pages of information and practical examples will be distributed
- An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course
- In case of exam failure, you can retake the exam within 12 months for free
Download Brochure: ISO/IEC 27001:2022 Foundation Course Brochure
Training Course Overview
The ISO/IEC 27001 Lead Implementer training course enables participants to acquire the knowledge necessary to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an information security management system (ISMS).
Why Should You Attend?
Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.
This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who can Attend?
- Managers or consultants involved in and/or concerned with the implementation of an information security management system in an organization.
- Project managers, consultants, or expert advisers seeking to master the implementation of an information security management system; or individuals responsible to maintain conformity with the ISMS requirements within an organization
- Members of the ISMS team
Learning Objectives
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an implementer
- Initiate and plan the implementation of an ISMS based on ISO/IEC 27001, by utilizing PECB’s IMS2 Methodology and other best practices
- Support an organization in operating, maintaining, and continually improving an ISMS based on ISO/IEC 27001
- Prepare an organization to undergo a third-party certification audit
Educational Approach
- This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
- The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The exercises are based on a case study.
- The structure of the quizzes is similar to that of the certification exam.
Prerequisites
The main requirement for participating in this training course is having a general knowledge of the ISMS concepts and ISO/IEC 27001.
Course agenda
- Day 1: Introduction to ISO/IEC 27001 and initiation of an ISMS implementation
- Day 2: Implementation plan of an ISMS
- Day 3: Implementation of an ISMS
- Day 4: ISMS monitoring, continual improvement, and preparation for the certification audit
- Day 5: Certification exam
Examination
- The “PECB Certified ISO/IEC 27001 Lead Implementer” exam meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:Domain 1: Fundamental principles and concepts of an information security management system Domain 2: Information security management system requirements Domain 3: Planning of an ISMS implementation based on ISO/IEC 27001 Domain 4: Implementation of an ISMS based on ISO/IEC 27001Domain 5: Monitoring and measurement of an ISMS based on ISO/IEC 27001Domain 6: Continual improvement of an ISMS based on ISO/IEC 27001 Domain 7: Preparation for an ISMS certification auditFor specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
Certification
- After successfully passing the exam, you can apply for one of the credentials shown below. You will receive the certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.The requirements for PECB ISO/IEC 27001 Implementer certifications are as follows:
| Credential | Exam | Professional experience | ISMS project experience | Other requirements |
| PECB Certified ISO/IEC 27001 Provisional Implementer | PECB Certified ISO/IEC 27001 Lead Implementer exam or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Implementer | PECB Certified ISO/IEC 27001 Lead Implementer exam or equivalent | Two years: One year of work experience in Information Security Management | Project activities: a total of 200 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Lead Implementer | PECB Certified ISO/IEC 27001 Lead Implementer exam or equivalent | Five years: Two years of work experience in Information Security Management | Project activities: a total of 300 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Senior Lead Implementer | PECB Certified ISO/IEC 27001 Lead Implementer exam or equivalent | Ten years: Seven years of work experience in Information Security Management | Project activities: a total of 1,000 hours | Signing the PECB Code of Ethics |
- Note: PECB certified individuals who possess Lead Implementer and Lead Auditor credentials are qualified for the respective PECB Master credential, given that they have taken four additional Foundation exams related to this scheme. More detailed information about the Foundation exams and the Master credential requirements can be found here. The ISMS project experience should follow best implementation practices and include the following activities:
- Drafting an ISMS implementation business case
- Managing an ISMS implementation project
- Implementing the ISMS
- Managing documented information
- Implementing corrective actions
- Monitoring the ISMS performance
- Managing an ISMS implementation team
General Information
- Certification and examination fees are included in the price of the training course
- Participants will be provided with the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes.
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case candidates fail the exam, they can retake it within 12 months following the initial attempt for free.
Download Brochure: ISO/IEC 27001:2022 Lead Implementer Course Brochure
Training Course Overview
ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.
Why should you attend?
During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.
After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.
Who can attend?
- Auditors seeking to perform and lead information security management system (ISMS) audits
- Managers or consultants seeking to master the information security management system audit process
- Individuals responsible to maintain conformity with the ISMS requirements in an organization
- Technical experts seeking to prepare for the information security management system audit
- Expert advisors in information security management
Learning objectives
By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
- Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
- Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
- Manage an ISO/IEC 27001 audit program
Educational approach
- This training is based on both theory and best practices used in ISMS audits
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role playing and discussions
- Practice tests are similar to the Certification Exam
Prerequisites
A fundamental understanding of ISO/IEC 27001 and comprehensive knowledge of audit principles.
Course agenda
- Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 27001Day 2: Audit principles, preparation, and initiation of an auditDay 3: On-site audit activitiesDay 4: Closing the auditDay 5: Certification Exam
Examination
- The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:Domain 1: Fundamental principles and concepts of Information Security Management System (ISMS)Domain 2: Information Security Management System (ISMS)Domain 3: Fundamental audit concepts and principlesDomain 4: Preparation of an ISO/IEC 27001 auditDomain 5: Conducting an ISO/IEC 27001 auditDomain 6: Closing an ISO/IEC 27001 auditDomain 7: Managing an ISO/IEC 27001 audit programFor specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.
Certification
- After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.The requirements for PECB Auditor Certifications are:
| Credential | Exam | Professional experience | MS audit/assessment experience | Other requirements |
| PECB Certified ISO/IEC 27001 Provisional Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Two years: One year of work experience in Information Security Management | Audit activities: a total of 200 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Lead Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Five years: Two years of work experience in Information Security Management | Audit activities: a total of 300 hours | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27001 Senior Lead Auditor | PECB Certified ISO/IEC 27001 Lead Auditor exam or equivalent | Ten years: Seven years of work experience in Information Security Management | Audit activities: a total of 1,000 hours | Signing the PECB Code of Ethics |
- Note: PECB Certified Individuals who do possess the Lead Implementer and Lead Auditor Credentials are qualified for the respective PECB Master Credential, given they have taken 4 additional Foundation Exams which are related to this scheme. For more detailed information about the Foundation Exams and the overall Master Requirements, please go to the following link: https://pecb.com/en/master-credentials. To be considered valid, these audits should follow best audit practices and include the following activities:
- Audit planning
- Audit interview
- Managing an audit program
- Drafting audit reports
- Drafting non-conformity reports
- Drafting audit working documents
- Documentation review
- On-site Audit
- Follow-up on non-conformities
- Leading an audit team
General Information
- Certification and examination fees are included in the price of the training course
- Training material containing over 450 pages of information and practical examples will be distributed
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case of exam failure, you can retake the exam within 12 months for free
Download Brochure: ISO/IEC 27001:2022 Lead Auditor Course Brochure
ISO 27001 Training Schedule
Information Security Management Systems
Online – Instructor Led Training + Exam
9 Sep – 20 Sep (Weekdays)
9AM – 12PM (PST)
US$1,495.00
Information Security Management Systems Audit
Online – Instructor Led Training + Exam
4 Nov – 15 Nov (Weekdays)
9AM – 12PM (PST)
US$1,495.00