top of page
Who Are We

ISO/IEC 27002 Foundation


Why should you attend? 

ISO/IEC 27002 Foundation training enables you to learn the basic elements to implement Information Security Controls as specified in ISO/IEC 27002. During this training course, you will be able to understand how ISO/IEC 27001 and ISO/IEC 27002 are related to ISO/IEC 27003 (Guidelines for the implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

After completing this course, you can sit for the exam and apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. A PECB Foundation Certificate shows that you have understood the fundamental methodologies and management approach.

Who should attend?

  • Individuals interested in Information Security Management and Information Security Controls

  • Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls

  • Individuals interested to pursue a career in Information Security Management 

Learning objectives

  • Understand the implementation of Information Security Controls in accordance with ISO/IEC 27002

  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks

  • Understand the approaches, methods and techniques used for the implementation of Information Security Controls

Educational approach

  • Lecture sessions are illustrated with practical questions and examples

  • Practical exercises include examples and discussions

  • Practice tests are similar to the Certificate Exam




More Details

Course agenda

  • Day 1: Introduction to ISO/IEC 27002 and Information Security Management System

    Day 2: ISO/IEC 27002 Controls and Certificate Exam


  • The “PECB ISO/IEC 27002 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

    Domain 1: Fundamental principles and concepts of Information Security Management

    Domain 2: Information Security Controls based on ISO/IEC 27002

bottom of page