ISO/IEC 27002 Manager training course provides information on the implementation and management of information security controls based on ISO/IEC 27002
- Take the training course
- Access the materials on KATE
- Enter the exam at your most convenient date, time, and location via PECB Exams
By successfully completing this training course, you will be able to:
- Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
- Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Support an organization in effectively determining, implementing, and managing information security controls based on ISO/IEC 27002
Why should you attend?
ISO/IEC 27002 Manager enables participants to acquire the necessary knowledge and skills to support an organization in selecting, implementing, and managing information security controls based on ISO/IEC 27002. The training course provides information that will help participants in gaining a thorough understanding of how information security risks can be treated by selecting relevant controls, especially in the context of an information security management system (ISMS).
A PECB ISO/IEC 27002 Manager certification will enable you to demonstrate your comprehensive knowledge in the implementation and management of information security controls based on industry best practices.
Who should attend?
- This training course is intended for:
- Managers involved in the implementation of an information security management system (ISMS) based on ISO/IEC 27001
- IT professionals and consultants seeking to enhance their knowledge in information security
- Members of an ISMS implementation or information security team
- Individuals responsible for information security in an organization
- This training is based on both theory and best practices used in the implementation and management of information security controls.
- Participants are encouraged to communicate and discuss with each other while partaking in exercises and quizzes.
- The structure of quizzes is similar to that of the certification exam.
The main requirements for participating in this training course are having a fundamental understanding of ISO/IEC 27002 and comprehensive knowledge of information security.
Training course structure
Introduction to ISO/IEC 27002
- Training course objectives and structure
- Standards and regulatory frameworks
- Fundamental concepts of information security, cybersecurity, and privacy
- Information security management system (ISMS) and ISO/IEC 27002
- Selection and design of controls
- Information security policies, procedures, and roles and responsibilities
Information assets, people controls, physical controls, and operational security controls
- Information assets and access controls
- People controls
- Physical controls
- Operational security controls
Information security incident management and monitoring of information security controls
and certification exam
- Protection of information systems and network controls
- Supplier relationships and ICT supply chain
- Information security incident management
- Information security testing
- Monitoring information security controls
- Continual improvement
- Closing of the training course
- Exam Duration : 2 hours
The “PECB Certified ISO/IEC 27002 Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:
- Domain 1: Fundamental principles and concepts of information security, cybersecurity, and privacy
- Domain 2: Information security controls based on ISO/IEC 27002
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential, please refer to the Certification Rules and Policies.
The information security activities should follow best implementation and management practices and include the following:
- Drafting an ISMS implementation plan
- Managing an information security implementation project
- Implementing information security processes
- Selecting and implementing information security controls