Training & Certifications


This program is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls. It enables organizations to demonstrate excellence and prove best practice in Information Security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.

Re-released in 2013, ISO/IEC 27001 builds upon established foundations as the most widely recognized international standard specifically aimed at information security management. The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organizations electronic and physical information resources. The standard can be integrated with other management system framework standards, such as the quality standard ISO 9001 and ISO/IEC 20000 for IT service management.

ISO/IEC 27001 provides a model to establish, implement, maintain and continually improve a risk-managed ISMS. The design and implementation of the management system is tailored to the organization’s objectives, information assets, operational processes and governing legal and regulatory security requirements. The Foundation level qualification assesses your knowledge of the contents and high level requirements of the ISO/IEC 27001 standard.


At the end of the program, the participants will be able to :

  1. Learn about best practice in Information Security Management and apply this within your organization
  2. Realize the scope and purpose of the standard and how it can be implemented within an organization
  3. Understand the key terms and definitions used in ISO/IEC 27001 to effectively roll out the principles
  4. Leverage the fundamental ISO/IEC 27001 requirements for an ISMS to address the need to continually improve
  5. Recognize the purpose of internal audits and external certification audits, their operation and the associated terminology

ISO/IEC 27001 certification is designed for management and support personnel involved in the design, delivery, maintenance and improvement of an ISMS and supporting resources, equipping them with an understanding of the application of this best practice, internationally recognized standard.


This program is 3 days of intensive training class.


There are no pre-requisites for this course, although a basic knowledge of Information Security or Service Management concepts is recommended. Please note that an ISO/IEC 27001 Foundation candidate needs to study a supplementary paper in order to be fully prepared for the examination.


At the end of the program, the participants will be assessed with 40 minutes of ISO/IEC 27001 Foundation Exam.


ISO/IEC 27001 Foundation Certification will be awarded upon successfully passing the exam from APMG International.


  1. IWhat are ISO/IEC 27001:2013 Standard, History and Definitions
  2. The ISO/IEC 27001 Certification
  3. The ISO/IEC 2700x Norms
  4. The Information Security Management System (ISMS)
  1. Relation with the ISO 9001, ISO 14001, ISO 20000-1 Standards
  2. Relations with other standards and regulations (PCI DSS, SOGP, FIPS, HIPAA, SOX, etc.)
  1. The Information Security Management System (ISMS)
  2. Management Responsibilities
  3. Internal Audit and Management of the ISMS
  4. Continuous Improvement of the ISMS
  1. The Reasons for an Audit
  2. The different Audit Types and its Expected Audit Results
  3. Audit the Evidence to Demonstrate Compliance
  4. Preparation and Participation to a Certification Audit
  5. Conducting an Audit

Scroll to Top