ISO/IEC 27001 Foundation and Auditor Certification - eLearning (exam included)

ISO/IEC 27001 Foundation and Auditor Certification - eLearning (exam included)

ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. An organization that conforms to the ISO/IEC 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information. ISO/IEC 27001 therefore provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security. Due to the diversity of different organizations’ information assets – the ISO/IEC 27001 standard is adaptable according to an organization’s requirements. The design and implementation of the ISMS is tailored to the organization’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements.

ISO/IEC 27001 Foundation eLearning

Course Contents

• Introduction, background and terminology;
• Key publications that compose the family of ISO/IEC 27001 standard;
• Leadership and support of an Information Security Management System;
• Planning and managing of an Information Security Management System;
• Goals of control and controls for an Information Security Management System;
• Acquiring ISO/IEC 27001 qualification.

Learning Objectives

• The scope and purpose of ISO/IEC 27001 and how it can be used
• The key terms and definitions used in the ISO/IEC 27000 series.
• The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement.
• The processes, their objectives and high level requirements.
• Applicability and scope definition requirements.
• Use of controls to mitigate IS risks.
• The purpose of internal audits and external certification audits, their operation and the associated terminology.
• The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

What is included?

• 120 days access to the platform
• 8 lessons
• 7 hours of video
• 15 hours to complete the course
• Including the official online exam

Exam Information

Exam and certification: Online!

Take your exam when you are ready, when you have time and wherever you are .. !!

The exam will be taken online, which gives you the convenient choice of writing the exam at home or in the office. What we need is a computer with internet for exam and webcam (ProctorU). Exams are included in this eLearning package.

Exam details:

• Multiple choice format
• 50 questions per paper
• 25 marks or more required to pass (out of 50 available) – 50%
• 40-minute duration
• Closed book

ISO/IEC 27001 Auditor eLearning

The APMG ISO/IEC 27001 Auditor certification demonstrates knowledge of how to audit organizations to identify conformity with ISO 27001, how to evaluate the principles of risk management and how to propose appropriate treatments and controls to reduce information security risk. Candidates who obtain this certification have knowledge of how to lead organizations through an audit program, direct audit teams in relation to the guidance given in ISO 19011 and how to evaluate the effectiveness of applied corrective actions to maintain ISMS conformity with ISO 27001.

Prerequisites: To take part to the ISO/IEC 27001 Auditor training course and exam, candidates must have ISO/IEC 27001 Foundation certification.

Contents

• Introduction, background and terms
• Audit management, types and activities
• Evidence

Objectives

• How to audit organizations to identify conformity with ISO 27001
• How to evaluate the principles of risk management - including risk identification, analysis and evaluation
• How to propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security
• Leading organizations through an audit program
• Directing audit teams
• Evaluating the effectiveness of applied corrective actions to maintain ISMS conformity with ISO 27001

What is included?

• 120 days of access to the platform
• 5 lessons (6 hours of video recorded by an accredited teacher)
• 13-15 hours to finish the course
• Downloadable PDF documents with detailed content (slides, explanations) for each lesson
• Exercises and solutions
• 1 official mock exams
• Access 24/7

Exam Information

Exam and certification: Online!

Exam details:

• 40 Multiple choice questions
• 120 minute duration
• 20 marks or more required to pass (out of 40 available) - 50%
• Open book