EXIN Information Security Foundation based on ISO/IEC 27001 - Including Exam
- Course code: ISF-EXIN
- Duration: 2 days
Additional payment options
- GTCs: 16 (incl. VAT)
Global Training Credits: contact us for more information
Method
This training is available in the following formats:
- Classroom training
- On customer site
- Virtual learning
Request this training in a different format.
Training description
EXIN Information Security Foundation based on ISO/IEC 27001 certification confirms that the professional understands information security principles and concepts applied in the work environment and knows how to mitigate risk.
Globalization of the economy is leading to an ever-growing exchange of information. This information crosses not only national borders but also the thin lines between private and business domains. The scope of accountability grows together with the information that is managed. The international standard for information security management ISO/IEC 27001 is a widely respected and referenced standard and provides a framework for the organization and management of an information security program.
In the EXIN Information Security Management based on ISO/IEC 27001 program, the following definition is used: information security is the preservation of confidentiality, integrity, and availability of information.
EXIN Information Security Foundation based on ISO/IEC 27001 tests the basic concepts of information security and their relationships. Objectives of this module are to raise awareness that information is valuable and vulnerable, and to learn which controls are necessary to protect information.
Virtueel en Klassikaal™
Virtueel en Klassikaal™ is a simple learning concept that offers a flexible way to attend classroom training. With Virtueel en Klassikaal™ you decide for yourself whether to attend a classroom training virtually (from home or the office) or physically on location. The choice is yours! Participants who attend virtually receive all the information they need to follow the training before it starts.
Dates
-
- Method: Virtual learning
- Date: 13-14 July 2026 | 09:00 to 16:30
- Location: Virtueel-en-klassikaal (W. Europe)
- Language: Dutch
-
- Method: Virtual learning
- Date: 23-24 November 2026 | 09:00 to 16:30
- Location: Virtueel-en-klassikaal (W. Europe)
- Language: Dutch
Target audience
Training objectives
The certification covers:
- information and security
- threats and risks
- security controls
- legislation, regulations, and standards
Training content
1 Information and security
1.1 Concepts relating to information
The candidate can…
1.1.1 explain the difference between data and information.
1.1.2 explain information security management concepts.
1.2 Reliability aspects
The candidate can…
1.2.1 explain the value of the CIA-triangle.
1.2.2 describe the concepts accountability and auditability.
1.3 Securing information in the organization
The candidate can…
1.3.1 outline the objectives and the content of an information security policy.
1.3.2 explain how to ensure information security when working with suppliers.
1.3.3 outline roles and responsibilities relating to information security.
2 Threats and risks
2.1 Threats and risks
The candidate can…
2.1.1 explain threat, risk, and risk management.
2.1.2 describe types of damage.
2.1.3 describe risk strategies.
2.1.4 describe risk analysis.
3 Security controls
3.1 Outlining security controls
The candidate can…
3.1.1 give examples of each type of security control.
3.2 Organizational controls
The candidate can…
3.2.1 explain how to classify information assets.
3.2.2 describe controls to manage access to information.
3.2.3 explain threat and vulnerability management, project management, and incident management in information security.
3.2.4 explain the value of business continuity.
3.2.5 describe the value of audits and reviews.
3.3 People controls
The candidate can…
3.3.1 explain how to enhance information security through contracts and agreements.
3.3.2 explain how to attain awareness regarding information security.
3.4 Physical controls
The candidate can…
3.4.1 describe physical entry controls.
3.4.2 describe how to protect information inside secure areas.
3.4.3 explain how protection rings work.
3.5 Technical controls
The candidate can…
3.5.1 outline how to manage information assets.
3.5.2 describe how to develop systems with information security in mind.
3.5.3 name controls that ensure network security.
3.5.4 describe technical controls to manage access.
3.5.5 describe how to protect information systems against malware, phishing, and spam.
3.5.6 explain how recording and monitoring contribute to information security.
4 Legislation, regulations, and standards
4.1 Legislation and regulations
The candidate can…
4.1.1 give examples of legislation and regulations relating to information security.
4.2 Standards
The candidate can…
4.2.1 outline the ISO/IEC 27000, ISO/IEC 27001, and ISO/IEC 27002 standards.
4.2.2 outline other standards relating to information security.
Exam
Requirements for certification
- Successful completion of the EXIN Information Security Foundation based on ISO/IEC 27001 exam
Examination details
- Examination type: Multiple-choice questions
- Number of questions: 40
- Pass mark: 65% (26/40 questions)
- Open book: No
- Notes: No
- Electronic equipment/aids permitted: No
- Exam duration: 60 minutes
The Rules and Regulations for EXIN’s examinations apply to this exam.