ISO/IEC 27001 Practitioner - Information Security Officer Self-Paced Online Course & Examination

The ISO/IEC 27001 Practitioner – Information Security Officer is a professional certification that demonstrates an individual's knowledge and competence in implementing, managing, and maintaining an Information Security Management System (ISMS) based on the ISO/IEC 27001 standard. This certification is aimed at professionals who are responsible for ensuring the security of information within an organisation and involves a deep understanding of the ISO/IEC 27001 standard's requirements and controls.  

Our self-paced online ISO/IEC 27001 Practitioner course prepares you for the exam leading to the ISO/IEC 27001 Practitioner Certification.

With your Self-Paced Online Course, you receive:

• Access to 5 lessons of our ISO/IEC 27001 Practitioner course (6 hours of instructor-led video content)
• 24/7 availability for 12-months
• Downloadable PDF documents with detailed content (slides, explanations) for each lesson
• Exercises and solutions
• Official SO/IEC 27001 Practitioner online exam voucher from APMG, the global examination provider
• Instructor assistance is available via email 

Course Overview

ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). 

The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls. 

An organisation that conforms to the ISO/IEC 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information. ISO/IEC 27001 therefore provides reassurance to sponsors, shareholders and customers that the organisation has expert control over its risk management and data security.

Due to the diversity of different organisation’s information assets – the ISO/IEC 27001 standard is adaptable according to an organisation’s requirements. The design and implementation of the ISMS is tailored to the organisation’s objectives, information assets, operational processes, governing legal requirements and regulatory security requirements. 

Learn to apply the standard to enable the management of information security. Content of the course includes;  

• Introduction, background and terminology 
• Design an Information Security Management System 
• Planning and working an Information Security Management System 
• The goal of controls and the security controls for Information Security 

Learning Outcomes

At the end of the course, provided the exam is successful, the examinee will know:

• Applying the principles of ISMS policy and its information security scope, objectives, and processes within an organisational context.
• Applying the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security. 
• How to analyse and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement. 
• How to analyse and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS. 
• How to create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001. 
• How to identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001. 

Who should attend

The ISO/IEC 27001 Practitioner course is aimed professionals who are:

• Internal managers and personnel working to implement, maintain and operate an ISMS within an organisation.
• External consultants supporting an organisation’s implementation, maintenance and operation of an ISMS. 
• Internal auditors who are required to have an applied knowledge of the standard. 

Pre-requisites

To certify for this course, you must hold at least one of the following certifications;

• APMG ISO/IEC 27001 Foundation certificate. 
• TÜV SÜD ISO27001 Foundation certificate.  
• ICO-CERT ISMS 27001 Foundation certificate. 

Exam & Certification

This course prepares participants for the examination leading to the ISO/IEC 27001 Practitioner certificate, granted by APMG International: 

• Objective Testing  
• 4 questions per paper with 20 marks available per question 
• 40 marks or more required to pass (out of 80 available) - 50% 
• 2½ hour duration 
• Open book* 

*Candidates are allowed to have a printed or digital copy of the standards listed below during the exam.

• ISO/IEC 27001:2022 Information technology -- Security techniques -- Information security management systems – Requirements
• ISO/IEC 27000:2018 Information technology -- Security techniques -- Information security management systems - Overview and vocabulary
• ISO/IEC 27002:2022, Information technology -- Security techniques -- Code of practice for information security controls
• ISO/IEC 27005:2022, Information technology -- Security techniques -- Information security risk management 

Course Material & Inclusions

Access to your own online learning portal for 12-months to work through the course materials and prepare for the examination.

ISO/IEC 27001 Practitioner online exam voucher, this is issued from APMG International (global examination body) on the same day your course access is activated. The schedule is available 24/7 so you can book and register for your exam at a time that suits. A webcam and internet connection is required. 

A digital badge you can share with your network will be provided via email upon passing your certification exam with APMG.