What is included?

• You have 12 months time as of reception of the learning material to learn, do the exam and get your certification
  
• Certification and examination fees are included in the price of the training course. 
• Participants will receive the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes. 
  
• An Attestation of Course Completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. 
• If candidates fail the exam, they can retake it within 12 months following the initial attempt for free.
• + 20% reduction on the first year subscription for our all-in-one ISMS/GRC management solution

Why should you take this training course?

ISO/IEC 27002 Manager enables participants to acquire the necessary knowledge and skills to support an organization in selecting, implementing, and managing information security controls based on ISO/IEC 27002. The training course provides information that will help participants in gaining a thorough understanding of how information security risks can be treated by selecting relevant controls, especially in the context of an information security management system (ISMS).

A PECB ISO/IEC 27002 Manager certification will enable you to demonstrate your comprehensive knowledge in the implementation and management of information security controls based on industry best practices.

Who should attend?

This training course is intended for: 

• Managers involved in the implementation of an information security management system (ISMS) based on ISO/IEC 27001 
• IT professionals and consultants seeking to enhance their knowledge in information security
• Members of an ISMS implementation or information security team
• Individuals responsible for information security in an organization

Training course structure

Module 1: Introduction to ISO/IEC 27002

• Training course objectives and structure
• Standards and regulatory frameworks
• Fundamental concepts of information security, cybersecurity, and privacy
• Information security management system (ISMS) and ISO/IEC 27002
• Selection and design of controls
• Information security policies, procedures, and roles and responsibilities

Module 2: Information assets, people controls, physical controls, and operational security controls

• Information assets and access controls
• People controls
• Physical controls
• Operational security controls

Module 3: Information security incident management and monitoring of information security controls and certification exam

• Protection of information systems and network controls
• Supplier relationships and ICT supply chain
• Information security incident management
• Information security testing
• Monitoring information security controls
• Continual improvement
• Closing of the training course

Certification Exam

Learning objectives

After completing this training course, you will be able to:

• Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
• Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Support an organization in effectively determining, implementing, and managing information security controls based on ISO/IEC 27002

Examination

The “PECB Certified ISO/IEC 27005 Risk Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Domain 1: Fundamental principles and concepts of information security, cybersecurity, and privacy
• Domain 2: Information security controls based on ISO/IEC 27002

Duration: 3 hours
Location: Online through the PECB app OR in person in one of the PECB exam centers
Preparation: PECB Exam Preparation Guides
Language: The exam is available in multiple other languages and does not need to be taken in the same language as the training material. Additional time can be requested when your native language is not available in your mother tongue (to be requested by candidates on the exam day)
Retake: In case you fail the exam, you can retake it within 12 months following the initial attempt for free

For specific information about the exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certification

After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.

To be considered valid, these disaster recovery activities should follow best implementation and management practices and include the following:

1. Drafting an ISMS implementation plan
2. Managing an information security implementation project
3. Implementing information security processes
4. Selecting and implementing information security controls

Note: For more information about ISO/IEC 27005 certifications and the PECB Certification process, please refer to Certification Rules and Policies.

Contact us on [email protected] if you have other questions