Management Training

ISO/IEC27002 Information Security Foundation

Closely aligned with the ISO27001 Standard, ISO27002 serves as a practical guideline for all members of staff as they initiate, implement and maintain an information security programme. An understanding of the best practice guidance as outlined in ISO27002 is essential to ensure the compliance to ISO27001 in any organisation. The ISO27002 ISMS Foundation Course delivers a comprehensive education in ISO27002 best practice and a recognised industry standard certification awarded by EXIN.

Qui devrait suivre ce cours?
  • This course is meant for all roles responsible for initiating, implementing or maintaining information security management systems (ISMS).
  • Every employee, from administrative workers to the CEO, dealing with valuable information.

There are no formal entry requirements. The course is designed to provide a comprehensive introduction to information security management. Given the close relationship of ISO27002 with ISO27001, we strongly recommend that delegates attend the ISO27001 ISMS Foundation Course prior to taking this course

Training Description

During this course, participants will learn, through a number of interactive sessions, the most significant aspects of the ISO27002 standard, its objectives, requirements, value to the organization, and its relation with the ISO27001 standard as well as with other standards. Additionally, participants will learn about the benefits and improvements that may be achieved by organizations that have an ISO27001-certified ISMS.

Course objectives

  • Learn the importance of confidentiality, integrity and availability of information.
  • Learn the types of risks, threats and damages, and the available risk strategies and the security measures you can take.
  • Get insight in the security policy and organization, inclusive code of conduct, ownership, and roles and responsibilities.
  • Be able to react to and manage security incidents.
  • Learn the various security measures: physical, technical and organizational.
  • Be aware of the most important legislations and regulations.

Introduction to Information Security

  • Information
  • Information Management
  • Reliability Aspects
  • Secure Information Systems Design
  • Operational Processes and Information
  • Information Architecture

Threats and Risks

  • Risk Management
  • Risk Analysis
  • Threats
  • Damage
  • Strategies
  • Guidelines for Implementing Security Measures

Approach and Organization

  • Security policy
  • Information Security Organization
  • Code of Conduct
  • Business Assets
  • Roles
  • Incident Management

Security Measures

  • Types of Security Measures
  • Risks and Security Measures
  • Information Classification
  • Physical Security Measures
  • Technical Measures
  • Organizational Security Measures

Legislation and Regulations

  • Compliance
  • Importance of Legislation and Regulations
  • Information Security Legislation
  • Legislative Acts
  • Information Security Regulations
  • Legislation and Regulations Measures

ISO/IEC 27000 standards

  • Introduction
  • ISO/IEC 27001
  • ISO/IEC 27002

Qualification Scheme

  • Qualification Scheme
  • EXIN contact information

Exam Description

  • Exam format
  • EXIN’s exam content
  • Tips for answering the exam

Review, Evaluation and Examination

  • General review
  • Sample exam
  • Sample exam review
  • Course evaluation
  • Course certificate
  • Certification exam

Informations practiques


2 Days




€1060,00 + 21% VAT


Classroom Courses


Guaranteed to run

Sessions anglophones
13/1 - 14/1Réserver
15/5 - 16/5Réserver
11/9 - 12/9Réserver
20/11 - 21/11Réserver

Partagez ce cours sur

Réservez votre formation

Entrez vos informations pour confirmer votre réservation.

    Test de pré-requis

    Vous cherchez une solution sur mesure ?