Information Security Foundation based on ISO27002
The international standard, the Code of Practice for Information Security ISO/IEC 27002:2013, is a
widely respected and referenced standard that provides a framework for the organization and
management of an information security program. Implementing a program based on this standard
will serve an organization well in its goal of meeting many of the requirements faced in today's
complex operating environment.
A strong understanding of this standard is important to the personal development of every
information security professional.
Every employee, from worker to top management, dealing with valuable information.
Course Duration: 16 hours / 2 days
At the end of this course, the learner will gain competencies in:
- Information and security: the concept, the value, the importance and the reliability of
- Threats and risks: the concepts of threat and risk and the relationship with the reliability
- Approach and organization: the security policy and security organization including the
components of the security organization and management of (security) incidents;
- Measures: the importance of security measures including physical, technical and
organizational measures and
- Legislation and regulations: the importance and impact of legislation and regulations
The course will revert to a standard training class.
A whiteboard, flip chart and a projector/beamer will be required.
Course Student Material:
Delegates receive a copy of the classroom material.
- Examination type - Paper-based multiple-choice questions
- Number of questions - 40
- Pass mark - 65%
- Open book/notes - No
- Electronic equipment/aids permitted - No
- Time allotted for examination - 60 minutes
A certificate is awarded by EXIN to candidates who pass the exam.
ISO27002 – Information Security Foundation
Date: 20/10, 21/10
Course fee: HK$4,000 (including Exam fee)