ISO/IEC 27002 Information Security Controls Lead Manager (PECB Certified) - Including Exam

This training course is intended for:

- Managers or consultants seeking to enhance their knowledge regarding the implementation of information security controls in an ISMS based on ISO/IEC 27001
- Individuals responsible for maintaining information security, compliance, risk, or governance in an organization
- IT professionals or consultants seeking to enhance their knowledge in information security
- Members of an ISMS implementation or information security team

Upon successfully completing the training course, participants will be able to:

• Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
• Acknowledge the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Interpret the ISO/IEC 27002 information security controls in the specific context of an organization
• Support an organization in effectively determining, implementing, and managing information security controls based on ISO/IEC 27002
• Explain the approaches and techniques used for the implementation and effective management of information security controls

Day 1: Introduction to ISO/IEC 27002

Day 2: Roles and responsibilities, assets, policies, and people controls

Day 3: Physical controls and protection of information systems and networks

Day 4: Information security incident management and testing and monitoring of information security controls based on ISO/IEC 27002

• The main requirements for participating in this training course are having a fundamental understanding of ISO/IEC 27002 and comprehensive knowledge of information security controls.

• ISO27002F - ISO/IEC 27002 Information Security Controls Foundation (PECB Certified) - Including Exam

The “PECB Certified ISO/IEC 27002 Lead Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Domain 1: Fundamental principles and concepts of information security, cybersecurity, and privacy
• Domain 2: Information security management system (ISMS) and initiation of ISO/IEC 27002 information security controls implementation
• Domain 3: Implementation and management of organizational and people controls based on ISO/IEC 27002
• Domain 4: Implementation and management of physical and technological controls based on ISO/IEC 27002
• Domain 5: Performance measurement, testing, and monitoring of ISO/IEC 27002 information security controls

After successfully completing the exam, you can apply for one of the credentials shown below. You will receive a certificate once you fulfill all the requirements of the selected credential.

The requirements are as follows:

PECB Certified ISO/IEC 27002 Provisional Manager

• Exam: PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent
• Professional experience: None
• ISCMS project experience: None
• Other requirements: Signing the PECB Code of Ethics

PECB Certified ISO/IEC 27002 Manager

• Exam: PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent
• Professional experience: Two years, including one year of work experience in Information Security Management
• ISCMS project experience: Information Security Management activities totaling 200 hours
• Other requirements: Signing of the PECB Code of Ethics

PECB Certified ISO/IEC 27002 Lead Manager

• Exam: PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent
• Professional experience: Five years, including two years of work experience in Information Security Management
• ISCMS project experience: Information Security Management activities totaling 300 hours
• Other requirements: Signing of the PECB Code of Ethics

PECB Certified ISO/IEC 27002 Senior Lead Manager

• Exam: PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent
• Professional experience: Ten years, including seven years of work experience in Information Security Management
• ISCMS project experience: Information Security Management activities totaling 1,000 hours
• Other requirements: Signing of the PECB Code of Ethics

The information security activities should follow best implementation and management practices and include the following:

• Drafting an ISMS implementation plan
• Managing an information security implementation project
• Implementing information security processes
• Selecting information security processes
• Implementing information security controls

Educational Approach

- The training course integrates both theory and practice by guidance and practical examples for the implementation and management of information security controls.
- The training course contains essay-type exercises and multiple-choice quizzes, some of which are scenario-based.
- Participants are encouraged to communicate and discuss with each other while partaking in exercises and quizzes.
- The structure of quizzes is similar to that of the certification exam.

General Information

- Certification and examination fees are included in the price of the training course
- Participants will be provided with training course materials containing over 450 pages of information, practical examples, exercises, and quizzes.
- An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
- Candidates who have completed the training course but failed the exam are eligible to retake it once for free within a 12-month period from the initial date of the exam.