ISO 27005 Foundation in United Kingdom
ISO/IEC 27005 Foundation training course enables the participants understand the fundamental concepts and principles of information security risk management based on ISO/IEC 27005.
Why should you attend?
By attending this training course, participants will learn more about the structure of the standard including information security risk assessment, treatment, acceptance, communication and consultation, and monitoring and review. They will also gain basic knowledge related to information security risk management based on other standards such as ISO/IEC 27001 and ISO 31000.
After attending the training course, you can sit for the exam and, if you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, processes, and management approaches used in information security risk management.

PECB

Who should attend?
- Individuals involved in information security risk management
- Individuals seeking to gain knowledge about the main processes of information security risk management
- Individuals interested in pursuing a career in information security risk management
Learning objectives
- Understand the basic concepts of information security risk management
- Acknowledge the correlation between ISO/IEC 27005, ISO 31000, ISO/IEC 27001, and other standards and regulatory frameworks
- Understand the approaches, methods, and techniques used for the management of information security risks
Educational approach
- This training course includes essay-type exercises, multiple-choice quizzes, examples and best practices used in information security risk management.
- The participants are encouraged to intercommunicate and engage in discussion and the completion of quizzes and exercises.
- Quizzes are similar to the certification exam.
Course agenda
Day 1: Introduction to fundamental concepts of information security risk management and ISO/IEC 27005
Day 2: Information security risk management and certification exam
Examination
The “PECB Certified ISO/IEC 27005 Foundation” exam complies with the PECB Examination and Certification Programme (ECP) requirements. The exam covers the following competency domains:
Domain 1: Fundamental concepts of information security risk management
Domain 2: Information security risk management approaches and processes
For more detailed information about the PECB examination process, please visit Examination Rules and Policies.
Certification
After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential.
For more information about ISO/IEC 27005 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
Credential | Exam | Professional experience | Risk Management experience | Other requirements |
PECB Certified ISO/IEC 27005 Foundation | PECB Certified ISO/IEC 27005 Foundation exam or equivalent | None | None | Signing the PECB Code of Ethics |
General Information
- Certification fees are included on the exam price.
- Participants will be provided with the training course material containing over 200 pages of explanatory information, examples, best practices, exercises and quizzes.
- An Attendance Record worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case candidates fail the exam, they can retake the exam within 12 months following the initial exam for free.