ISO 27005 Foundation
ISO/IEC 27005 Foundation training course enables the participants understand the fundamental concepts and principles of information security risk management based on ISO/IEC 27005.
Why should you attend?
By attending this training course, participants will learn more about the structure of the standard including information security risk assessment, treatment, acceptance, communication and consultation, and monitoring and review. They will also gain basic knowledge related to information security risk management based on other standards such as ISO/IEC 27001 and ISO 31000.
After attending the training course, you can sit for the exam and, if you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, processes, and management approaches used in information security risk management.
PECB
Who should attend?
- Individuals involved in information security risk management
- Individuals seeking to gain knowledge about the main processes of information security risk management
- Individuals interested in pursuing a career in information security risk management
Learning objectives
- Understand the basic concepts of information security risk management
- Acknowledge the correlation between ISO/IEC 27005, ISO 31000, ISO/IEC 27001, and other standards and regulatory frameworks
- Understand the approaches, methods, and techniques used for the management of information security risks
Educational approach
- This training course includes essay-type exercises, multiple-choice quizzes, examples and best practices used in information security risk management.
- The participants are encouraged to intercommunicate and engage in discussion and the completion of quizzes and exercises.
- Quizzes are similar to the certification exam.
Course agenda
Day 1: Introduction to fundamental concepts of information security risk management and ISO/IEC 27005
Day 2: Information security risk management and certification exam
Examination
The “PECB Certified ISO/IEC 27005 Foundation” exam complies with the PECB Examination and Certification Programme (ECP) requirements. The exam covers the following competency domains:
Domain 1: Fundamental concepts of information security risk management
Domain 2: Information security risk management approaches and processes
For more detailed information about the PECB examination process, please visit Examination Rules and Policies.
Certification
After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential.
For more information about ISO/IEC 27005 certifications and the PECB certification process, please refer to the Certification Rules and Policies.
Credential | Exam | Professional experience | Risk Management experience | Other requirements |
PECB Certified ISO/IEC 27005 Foundation | PECB Certified ISO/IEC 27005 Foundation exam or equivalent | None | None | Signing the PECB Code of Ethics |
General Information
- Certification fees are included on the exam price.
- Participants will be provided with the training course material containing over 200 pages of explanatory information, examples, best practices, exercises and quizzes.
- An Attendance Record worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- In case candidates fail the exam, they can retake the exam within 12 months following the initial exam for free.
Trainer
Eliza Popa
I am a Diplomat Economist who has been working with CII organizations for over 30 years. Out of this tenure, 14 years have been dedicated to IT digital transformation projects and operations, followed by over 10 years in information security roles with both end-user organizations and consultancy firms. My professional certifications include CISSP, CISA, CRISC, CISM, CDPSE, CCSK v4, ITIL v3, Oracle SQL DBA, and PECB ISO/IEC 27001 Master, ISO/IEC 27002 Sr. Lead Manager, ISO/IEC 27005 Sr. Lead Risk Manager, Sr. Lead Cybersecurity Manager, CISO, Sr. Lead Cloud Security Manager, ISO/IEC 38500 Sr. Lead IT Corporate Governance Manager, ISO/IEC 20000 Sr. Lead Auditor, ISO 37301 Sr. Lead Implementer, ISO 31000 Sr. Lead Risk Manager, ISO 21502 Sr. Lead Project Manager, and ISO 9001 Sr. Lead Auditor. I provided informal training to CISA and CISSP candidates from 2016 until 2019, when I became an ISC2 Official Training Instructor for CISSP and a PECB Certified Trainer. Furthermore, in 2022 I became an ISC2 Official Training Instructor for CC and a CSA Authorized Trainer for CCSK v4 Foundation and Plus (AWS / Azure labs). My expertise and capabilities captured the attention of PECB, who, in 2023, appointed me to develop and record the eLearning training content and Skills content for ISO/IEC 27001 Lead Implementer and ISO/IEC Lead Auditor courses. https://www.linkedin.com/in/elizapopa/