Buy Now 200

Certified Information Security Management (ISO 27001) Foundation

About Certification

GSDC's Certified Information Security Management (ISO 27001) Foundation Certification has an end goal to share the knowledge about controls that an organization needs to implement to ensure that it is sensibly protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities. By extension, ISM includes information risk management, a process that involves the assessment of the risks an organization must deal with in the management and protection of assets, as well as the dissemination of the risks to all appropriate stakeholders. This requires proper asset identification and valuation steps, including evaluating the value of confidentiality, integrity, availability, and replacement of assets. As part of information security management, an organization may implement an information security management system and other best practices found in the ISO/IEC 27001 standards on information security. The Information Security Management (ISO 27001) Foundation is specially curated to shape the professionals in a way that they can handle threats, vulnerabilities, and mitigation. This certification empowers the participants to create, implement, communicate and evaluate any organization's security policies, procedures, and objectives in order to achieve a better guarantee of an organization's overall information security.

Certification badge Information Security Management Foundation
 

Objectives

Certified Information Security Management (ISO 27001) Foundation Certification's main objective is to provide the participants with an understanding of:

  1. The range of application for an ISMS
  2. Information security-related legislation applicable to the country(s) of operation
  3. Techniques and tools used in information security management
  4. The potential business impacts of ISMS
  5. Importance of asset and owner identification
  6. Control objectives and how these are addressed
  7. Risk assessment and identification
  8. Threats, vulnerabilities, and impacts
  9. Difference between risk assessment and risk evaluation
  10. The methodology of risk treatment, application, residual risk and review of the risk treatment plan
  11. Importance of the statement of applicability in the ISMS, and how it is used
  12. Difference between an IS event and incident.

 

Target Audience

about-us

ISMS auditors, such as those employed/contracted by third-party certification/registration bodies and those involved in first or second-party ISMS audits.

Information security practitioners, such as information security consultants, IT security managers and IT personnel.

Employees conducting ISMS audits within their own organization (internal audits).

 

Benefits

After the completion of this certification, the participants will have access to:

Practical knowledge of information security.

Better job opportunities with enhanced credibility and marketability.

Valuable resources like peer networking and idea exchange.

A network of globally accredited industries and subject matter experts.

Security information resources.

Business and technology orientation to risk management.

 

Pre-requisites

There is no such recommended experience required for getting this certification, only five years of direct full-time security professional work experience is required.

 

Examination

There will be multiple-choice exam of 40 marks.
You need to acquire 26+ marks to clear the exam.
If you fail, you can retake the exam after one day.
In case Participant does not score passing percentage then they will be granted a 2nd attempt at no additional cost. Re-examination can be taken up to 30 days from the date of the 1st exam attempt.

 

Exam Syllabus

1. What is Information Security?

  • Understand the requirements of ISO 27001(ISMS)
  • Understand the advantages of ISMS
  • Understand the purpose of ISO 27001
  • Information Security : Who is responsible?
  • Information Asset Classification
  • Password Security
  • Spam & Malware Protection
  • Email Security
  • Clear Desk & Clear Screen
  • Mobile Usage : Best Practices
  • Social Media Usage : Best Practices
  • Social Engineering
  • Phishing
  • Physical Security
  • Information Security Incidents


Download PDF

295 Turnpike Rd block 519, Westborough, MA 01581, USA
Hohenstieglen 6, 8152 Glattbrugg, Switzerland +41 41444851189
10 Anson Road #16-16 International Plaza, Singapore 079903