ISO/IEC 27001 Foundation and Auditor Certification - eLearning (exam included)

APMG ISO/IEC 27001 Foundation and Auditor Certification - eLearning (exam included)

ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. An organization that conforms to the ISO/IEC 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information.

ISO/IEC 27001 Foundation course is the first step to qualify for the ISO/IEC 27001 standard for information security. ISO/IEC 27001 Auditor certification demonstrates knowledge of how to audit organizations to determine compliance with ISO 27001, how to evaluate risk management principles, and how to propose appropriate treatments and controls to reduce information security risks.

ISO/IEC 27001 provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security. Due to the diversity of different organizations’ information assets – the ISO/IEC 27001 standard is adaptable according to an organization’s requirements. The design and implementation of the ISMS is tailored to the organization’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements.

APMG ISO/IEC 27001 as a Complete Course:

• Two courses and two certifications: Foundation & Auditor
• Total of 8 months eLearning access (2 x 4 months)
• Access around the clock (Self-paced study)
• 2 official exam voucher

ISO/IEC 27001 Foundation eLearning

Course Contents

• Introduction, background and terminology;
• Key publications that compose the family of ISO/IEC 27001 standard;
• Leadership and support of an Information Security Management System;
• Planning and managing of an Information Security Management System;
• Goals of control and controls for an Information Security Management System;
• Acquiring ISO/IEC 27001 qualification.

Learning Objectives

• The scope and purpose of ISO/IEC 27001 and how it can be used including key terms and definitions used in the ISO/IEC 27000 series.
• The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement. The processes, their objectives and high level requirements. Applicability and scope definition requirements.
• The purpose of internal audits and external certification audits, their operation and the associated terminology. Use of controls to mitigate IS risks.
• The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

What is included?

• Course and material are in English
• Intermediate level for professional
• 120 days access to eLearning platform (self-paced study 24/7)
• 7 hours total video content 
• 21 hours recommended study time
• Downloadable PDF documents with detailed content (slides, explanations) for each lesson
• 1 official exam voucher included with 1 official exam simulation
• APMG ISO/IEC 27001 Foundation certification of completion

Who the course is aimed at

• Resources that support the implementation, operation and maintenance of an ISMS within an organization;
• Resources required to revise an ISMS and have knowledge of the standard;
• Resources working on an internal ISMS, regardless of whether the community already has an ISO/IEC 27001 certification or is considering obtaining one;
• Those who wish to acquire or prepare for an ISO/IEC 27001 Practitioner certificate.
• Third-party auditors who work for certification bodies and are responsible for conducting audits that certify organizations according to ISO 27001 and ISO 19011.
• Internal auditors who want to understand the specific information security management system audit requirements needed to confirm an organization's compliance with the ISO 27001 or ISO 19011 standard.

Exam Information

Exam and certification: Online!

• Multiple choice format
• 50 questions per paper
• 25 marks or more required to pass (out of 50 available) – 50%
• 40-minute duration
• Closed book

ISO/IEC 27001 Auditor eLearning

The APMG ISO/IEC 27001 Auditor certification demonstrates knowledge of how to audit organizations to identify conformity with ISO 27001, how to evaluate the principles of risk management and how to propose appropriate treatments and controls to reduce information security risk. Candidates who obtain this certification have knowledge of how to lead organizations through an audit program, direct audit teams in relation to the guidance given in ISO 19011 and how to evaluate the effectiveness of applied corrective actions to maintain ISMS conformity with ISO 27001.

Prerequisites: To take part to the ISO/IEC 27001 Auditor training course and exam, candidates must have ISO/IEC 27001 Foundation certification.

Contents

• Introduction, background and terms
• Audit management, types and activities
• Evidence

Objectives

• How to audit organizations to identify conformity with ISO 27001. How to evaluate the principles of risk management - including risk identification, analysis and evaluation.
• How to propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security.
• Leading organizations through an audit program and directing audit teams.
• Evaluating the effectiveness of applied corrective actions to maintain ISMS conformity with ISO 27001.

What is included?

• Course and material are in English
• Intermediate-advanced level for professional
• 120 days of access to eLearning platform (self-paced study 24/7)
• 4 hours total video content
• 14 hours recommended study time
• Downloadable PDF documents with detailed content (slides, explanations) for each lesson
• 1 official exam voucher included with 1 official exam simulation
• APMG ISO/IEC 27001 Auditor certification of completion

Auditor target audience

• Third-party auditors working for Certification Bodies, responsible for conducting audits which certify organizations against ISO 27001 and ISO 19011.
• Internal auditors seeking to understand the specific requirements of auditing Information Security Management Systems needed to confirm that an organization conforms to the ISO 27001 or ISO 19011 standard.
• IT Professionals / Practitioner
• IT Consultant
• IT Auditors
• IT System Managers

Exam Information

Exam and certification: Online!

• 40 Multiple choice questions
• 120-minute duration
• 20 marks or more required to pass (out of 40 available) - 50%
• Open book