ISO/IEC 27001 Combined Package (Foundation + Practitioner) - eLearning (Exam Included)

APMG ISO/IEC 27001 Combined Package (Foundation + Practitioner), incl. official certifications

ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. An organization that conforms to the ISO/IEC 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information.

What is ISO/IEC 27001 for?

ISO/IEC 27001 contains requirements for organizations that want to establish, implement, maintain and continuously improve an information security management system. This framework serves as a guideline for continuously reviewing the security of your information, which will exemplify reliability and add value to your organization's services.

ISO/IEC 27001 provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security. Due to the diversity of different organizations’ information assets – the ISO/IEC 27001 standard is adaptable according to an organization’s requirements. The design and implementation of the ISMS is tailored to the organization’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements.

The difference between Foundation and Practitioner

Foundation level courses are considered entry-level training for those who want to learn the essential knowledge and basics of their role. Whereas Practitioner level courses are for those who have experience in the role and can then apply what they have learned in the workplace.

Details of APMG ISO/IEC 27001 : 2022 FOUNDATION & PRACTICES AS A COMPLETE ONLINE COURSE

• Two courses and two certifications: Foundation & Practitioner
• 8 months (2 x 4 months)
• 24-hour access
• 2 coupon codes valid for 2 years
• The latest version!
• Our e-learning platform is optimized for access via web browsers, including mobile!

Who Should Enroll in this Program?

This certification is aimed at those who are:

• Supporting the implementation, operation or maintenance of an ISMS within an organization.
• Required to audit an ISMS and to have a basic understanding of the standard.
• Working within an organization with an ISMS, whether the organization is already certified or is considering certification to ISO/IEC 27001.
• IT professionals / practitioner
• IT consultant
• IT Auditors
• IT system manager

ISO/IEC 27001 Foundation

Information about the APMG ISO/IEC 27001 Foundation course:

• Course and material are in English
• Intermediate level for professional
• 120 days access to the platform
• 7 hours total video content
• 21 hours recommended study time
• Downloadable PDF documents with detailed content (images, explanations) for each lesson
• 1 official exam voucher included with 1 official exam simulation
• Including the official APMGISO/IEC 27001 exam

Training objectives ISO/IEC 27001 : 2022

At the end of the course you will know:

• The scope and purpose of ISO/IEC 27001 and how it can be used including key terms and definitions used in the ISO/IEC 27000 series.
• The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement. The processes, their objectives and high level requirements. Applicability and scope definition requirements.
• The purpose of internal audits and external certification audits, their operation and the associated terminology. Use of controls to mitigate IS risks.
• The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

Content

• Introduction, background and terminology
• Key publications that make up the ISO/IEC 27001 family
• Leadership and support for an information security management system
• Planning and management of an information security management system
• Control objectives and controls for an information security management system
• Acquire ISO/IEC 27001 qualification.

Prerequisites:

• There is no specific requirement to attend the course and exam
• No educational background is needed

Foundation Exam details:

• Multiple choice format
• 50 questions per paper
• 25 marks or more required to pass (out of 50 available) – 50%
• 40-minute duration
• Closed book

ISO/IEC 27001 Practitioner 

ISO/IEC 27001 Practitioner - Information Security Officer is a professional certification that demonstrates an individual's knowledge and competence in implementing, managing and maintaining an information security management system (ISMS). This certification is aimed at professionals responsible for ensuring information security within an organization and involves a deep understanding of the ISO/IEC 27001 standard's requirements and controls.

Information on ISO/IEC 27001 Practitioner course:

• Course and material are in English
• Intermediate-Advanced level for professional
• 120 days access to the platform
• 5 modules. 6 hours of video with exercises and solutions
• 14 hours recommended study time
• Downloadable PDF documents with detailed content (images, explanations) for each lesson
• 1 official exam voucher included with 1 official exam simulation
• APMG ISO/IEC 27001 Practitioner certification of completion

Objective

• Apply the principles of information security management system policy and its scope, objectives and processes for information security within an organizational context
• Apply the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security
• Analyze and evaluate implemented risk treatments and controls to assess their effectiveness and opportunities for continuous improvement
• Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continuously improve the adequacy, sufficiency and effectiveness of the information security management system
• Understand, create, apply and evaluate the adequacy, sufficiency and effectiveness of documented information and records required by ISO/IEC 27001
• Identify and apply appropriate corrective actions to maintain the information security management system in accordance with ISO/IEC 27001

Who it is addressed to

• Internal managers and employees responsible for implementing, operating and maintaining an information security management system
• Advisors involved in supporting organizations to implement, operate and maintain an information security management system
• Internal auditors, who must have actual knowledge of the ISO/IEC 27001 standard

Content

• Introduction, background and terminology
• Designing an information security management system
• Planning and working with an information security management system
• The objective of information security controls and security checks

Prerequisites

To participate in the ISO/IEC 27001 training, candidates must have one of the following certifications:

• ISO/IEC 27001 Foundation
• TÜV SÜD Foundation certificate in ISMS according to ISO/IEC 27001
• ICO-CERT ISMS 27001 Foundation

Practitioner Exam details:

• Objective Testing
• 4 questions per paper with 20 marks available per question
• 40 marks or more required to pass (out of 80 available) - 50%
• 2½ hour duration
• Open book exam

Accreditation: APMG

Which version of the standard does this ISO/IEC 27001 Practitioner course refer to?

AVC's ISO/IEC 27001 Practitioner courses for the APMG Information Security Officer certification are based on the ISO/IEC 27001:2022 standard. These courses are designed to provide participants with a comprehensive understanding of the latest updates and requirements of the 2022 version of the standard.

How can I take the ISO/IEC 27001 Practitioner exam?

AVC includes online exams as part of our training packages, both online with self-study and virtual distance/classroom courses. The exam can be taken online worldwide, and it will be proctored with an online proctoring service.

To sit for the ISO/IEC 27001 Practitioner exam, candidates must have ISO/IEC 27001 Foundation certification.

Is APMG's ISO/IEC 27001 Practitioner certification recognized?

APMG's ISO/IEC 27001 Practitioner certification is internationally recognized by various entities, boards and organizations. It is recognized by many organizations in the information security and risk management sectors, as well as by many employers in the IT, cyber security and risk management industries.
This certification is highly valued for its practical focus on implementing and managing an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard.

Is the APMG ISO/IEC 27001 Practitioner certification sufficient to be recognized as an Information Security Officer?

The APMG ISO/IEC 27001 Practitioner certification is a valuable credential that demonstrates knowledge and competence in implementing and managing an information security management system (ISMS) to the ISO/IEC 27001 standard. However, whether it is sufficient to be recognized as an Information Security Officer (ISO) depends on several factors:

• Experience: Many organizations require practical experience in information security in addition to certification.
• Requirements for the job: The specific requirements for an ISO position can vary across organizations and industries. Some may consider the APMG ISO/IEC 27001 Practitioner certification to be sufficient, while others may look for additional qualifications and experience.
• Legislation and industry standards: Some sectors, particularly those handling sensitive data, may have more stringent requirements for security officers.

The APMG ISO/IEC 27001 Practitioner certification is a strong qualification, but combining it with relevant experience and possibly other certifications will make you more recognized and suitable for an information security officer role.