CALL US +1 (646) 759 9933

Please register to access the free course

Enroll for free
ISO training | ISO 27001:2013 Foundations Course
Course instructor: Dejan Kosutic
Course language: English
The course instructor is Dejan Kosutic, who has rich experience with ISO 27001, but also with ISO 22301 as a consultant, certification auditor, and tutor. He is the author of numerous articles in the leading ISO 27001 blog, and also of the ISO 27001 Documentation Toolkit.

ISO 27001:2013 Foundations Course

In this online course you’ll learn everything you need to know about ISO 27001, including all the requirements and best practices for compliance. The course is made for beginners in information security and ISO standards, and no prior knowledge is needed to take this course.

The exam from this course is certified by Exemplar Global (formerly RABQSA). After passing the exam you will receive a certificate proving that you attained Information Security Management Systems competency.

The course is organized into 6 modules, where each module has several video lectures and activities that will help you learn more quickly, as well as a practice exam that will prepare you for the certification exam – please see below for the content of each module. All the video lectures are pre-recorded, so you can take the course from anywhere, at any time for your convenience.

  • The total course duration, including the reading of required materials, is approximately 8 hours.
  • There is no time limit for taking the course, but it is recommended that you finish it within one week’s time.
  • The access to this course and to the practice exams is completely free; the fee for the certification exam is US$ 249– after you pass the exam we’ll send you your certificate in a matter of days.

Course Curriculum

Introduction to the course
Module 1 - Introduction to ISO 27001
Introduction & suggested reading
What is ISO 27001?
The structure of ISO 27001
Information security principles
Introduction to the Information Security Management System
Implementing ISO 27001 requirements
Implementing ISO 27001 as a project
Documenting ISO 27001 requirements
ISO 27001 Benefits
Related documentation
Practice exam
Module 2 - The planning phase
Introduction & suggested reading
Understanding your organization and its context [clause 4.1]
Understanding the needs and expectations of interested parties [clause 4.2]
Determining the scope of the ISMS [clause 4.3]
Leadership and commitment [clause 5.1]
Information Security Policy [clause 5.2]
Organizational roles, responsibilities and authorities [clause 5.3]
Information security objectives [clause 6.2]
Resources [clause 7.1]
Competence [clause 7.2]
Awareness [clause 7.3]
Communication [clause 7.4]
Documented information [clause 7.5]
Related documentation
Practice exam
Module 3 - Risk management
Introduction & suggested reading
Addressing risks and opportunities [clause 6.1.1]
Risk management process [clause 6.1.2]
Information security risk assessment – Risk identification [clause 6.1.2]
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2]
Information security risk treatment [clause 6.1.3]
Statement of Applicability [clause 6.1.3]
Risk treatment plan [clause 6.1.3]
Related documentation
Practice exam
Module 4 - The Do phase
Introduction & suggested reading
Formulating the risk treatment plan [clause 6.1.3]
Implementing the risk treatment plan [clause 8.3]
Operational planning and control [clause 8.1]
Operating the ISMS [clause 8]
Managing outsourcing of operations [clause 8.1]
Controlling changes [clause 8.1]
Risk assessment review [clause 8.2]
Related documentation
Practice exam
Module 5 - The Check and Act phases
Introduction & suggested reading
Monitoring, measurement, analysis, and evaluation [clause 9.1]
Internal audit [clause 9.2]
Management review [clause 9.3]
Nonconformities and corrective actions [clause 10.1]
Continual improvement [clause 10.2]
Related documentation
Practice exam
Module 6 - Annex A – Control objectives and controls
Introduction & suggested reading
Introduction to Annex A – Reference control objectives and controls
Structure of Annex A
Information security policies [A.5]
Organization of information security [A.6]
Human resources security [A.7]
Asset management [A.8]
Access control [A.9]
Cryptography [A.10]
Physical and environmental security [A.11]
Operational security [A.12]
Communications security [A.13]
System acquisition, development and maintenance [A.14]
Supplier relationships [A.15]
Information security incident management [A.16]
Information security aspects of business continuity management [A.17]
Compliance [A.18]
Related documentation
Practice exam
Instructions for taking the exam and obtaining the certificate

Course Reviews

  1. Profile photo of avenieris avenieris says:

    I believe the best free resource available
    Even some feature needs to be purchased (and this is completely fair), the documentation (via PDFs) and the videos (imo) are probably the best free resources in the whole internet to understand the whole procedure of ISO 27001.
    In addition, if you have some experience of several years in the IT field, most of the topics looks like an obvious consequence of the (business) logic behind it.
    The eBooks look very useful and at a reasonable price too.
    The purchased documentation looks really promising but it is expensive (imo), at least for the ISO 27001 set of docs. I believe a price near to 500€-550€ would make them far more competitive.
    Lastly, I would like to see more quiz and practical exercises that will simulate the final exams in this field.

  2. Profile photo of dadusei dadusei says:

    This is fantastic. A flexible way of learning without hustle. I learnt so much from here and preparing for the exams. Advisera thank you so much.

  3. ISO 27001 Foundation Course
    Easy to understand all Clauses and Annex A controls.

  4. Profile photo of THANGAVELU THANGAVELU says:

    ISO 27001 Foundation Course
    It is crisp, capsule module, easy to comprehend and understand clearly about the basic concepts. Energize me to take more subjects. Great.

  5. Profile photo of SusanAwad SusanAwad says:

    Great Course
    I am really learning new information without realizing. It’s great.

  6. Profile photo of jhpersonal jhpersonal says:

    Brief BUT exactly to the point
    Excellent course in 3 to 4 minute short video format. To the point and precise.

  7. Profile photo of anssi99 anssi99 says:

    Very informal overview
    I am new with ISO27000 and this course gave me a lot of information in easy format. These short tracks are suitable to listen whenever you have spare time.

  8. Great way to get to know ISO 27001
    This is an excellent way to get introduced to the ISO 27001. Everthing is explaned very well and with some questions you can control whether you absorped the information well. Great set up, it is very well done.

  9. Profile photo of JenniferADS JenniferADS says:

    ISO 27001:2013 Foundations Course
    ISO 27001:2013 Foundations Course

  10. Profile photo of vt100 vt100 says:

    Very well presented. Thank you!
    Very comprehensive auxiliary material for the articles on the site.

    Thank you!

  11. Profile photo of mariojmf mariojmf says:

    Very good. Thank you for this free course and related materials.

  12. Profile photo of says:

    Excellent foundations course.
    The presentations where very clear to me. It helps hearing someone speak to the different clauses of the course. Secure & Simple!
    I would definitely recommend this course for anyone starting out with ISO 27001:2013.

  13. Excelente curso!
    Es una muy buena guía para entender desde lo más básico la norma

  14. Profile photo of pksmart pksmart says:

    ISO 27001:2013 Foundations Course
    Nicely derived ISO 27001:2013 Foundations Course, the understanding of ISMS standards and the explanation technique of trainer is extremely great.

  15. Profile photo of remi remi says:

    Thanks Dejan,

    You blew my mind with this learning approach. It is simple with a lot of real life simple scenarios to enable understanding, which should be the focus of learning program.

    Thank you

  16. Profile photo of sorina sorina says:

    Excellent course and guide. Video presentations and explanations of terms also examples were very useful for me. I recommend it to anyone interested about ISO27001

  17. Profile photo of Ioannis23 Ioannis23 says:

    Very good!
    Great course. Well explained.


  18. Profile photo of marutrpe marutrpe says:

    Excellent Foundation course
    An Excellent guide to iso 27001 certification process.

  19. Profile photo of lsimmons lsimmons says:

    Human insite into technical information
    This course is excellent. It helps hearing someone speak to the different clauses of the course. Secure & Simple is great but to add the human element was very helpful. Thanks for providing this. I will take it a second time before taking the test.

  20. good course
    good training course and easy to understand for a french people 🙂

  21. Profile photo of zoran.mdri zoran.mdri says:

    Useful and enjoyable
    I find this course both beneficial and enjoyable. Hence, I would recommend it to those interested in learning about ISO 27001/2 standards.

  22. Profile photo of srinivas srinivas says:

    I enjoyed every part of the course.
    This is a great introductory course and gives direction in the case that you want to adopt ISO27001

  23. Profile photo of Akhila Akhila says:

    Wonderful experience
    A useful course and excellent value
    I would definitely recommend this course for anyone starting out with ISO 27001.

  24. Profile photo of praveetha123 praveetha123 says:

    Excellent and Very interesting and instructive course

  25. Profile photo of dgavojde dgavojde says:

    Wonderful experience
    Great experience overall. Thank you

  26. Profile photo of Oyinloye Oyinloye says:

    I enjoyed every part of the course.
    Advisera is is brilliant! It’s easy to use, clear and simple.

  27. Congratulations! It is an excelent course.
    Great job, it is an excelent course, it is easy to understand. In order to reinforsed the ISO 27001 course knowledge, I think is better to read the standard when a module is finished.
    Thank you.

  28. Profile photo of JWDavenport JWDavenport says:

    Great Resource
    Brilliant course and all the information is very easy to mentally digest.
    Highly recommended

  29. Profile photo of tjhodge1989 tjhodge1989 says:

    Fantastic Course
    The course is

  30. Many Thanks.
    A useful course and excellent value.

  31. Profile photo of hatitye hatitye says:

    Awesome foundation work
    This is a great introductory course and gives direction in the case that you want to adopt ISO27001.

  32. Profile photo of ayodyadsr ayodyadsr says:

    Video can't load
    My iphone 5S can’t load video in advisera

  33. Profile photo of AlanMB AlanMB says:

    Very Useful
    A useful course and excellent value, given that it’s free!
    It’s not the most exciting presentation but it contains good content and is very effective at what it sets out to do.

  34. Very Good
    The course provides very good explanation of the concepts of controls needed for the information security and of the standard ISO 27001.

  35. Profile photo of LQL LQL says:

    ISO 27001:2013 foundation Course
    Excellent course. It gives a kick, so now I will start to read some of the additional material to get a clear view.

  36. Profile photo of sjthompson sjthompson says:

    ISO 21001:2013 Foundations Course
    Thank you, a very thorough introduction to ISO 27001, well paced and informative, good to have an independent perspective on what is actually required to implement.

  37. Profile photo of pcross pcross says:

    ISO 27001:2013 Foundations Course
    Thank you. I very much enjoyed this course. I am new to ISO27001 (and InfoSec audits in general) and I found the course to be well-paced, well organized and well delivered. I especially appreciated the fact that it was self-paced and available to me at any time. I will plan to take the exam in the next week or so.

  38. Very good and very clear, thanks

  39. Profile photo of maurizioc57 maurizioc57 says:

    So far, very clear
    I’m new to ISO/IEC 27001 (with long-lasting background on IT management and advisory)
    I’ve just implemented ISO 9001:2015 in a medium business and I’d like to lead it to ISMS.
    So, this course is a good starting point.
    I had appreciated even the template provided if it was in italian.. Too bad it is not! I have no time to translate it.

  40. Profile photo of faridlmu faridlmu says:

    Well Organized
    Very well organized and well structured course and helps me a lot to learn ins and out of ISO 27001

  41. Profile photo of jadux jadux says:

    Great Intro
    Still doing the course, but helping a great deal

  42. Profile photo of Danek Danek says:

    My opinion
    This is really worth to go through this course. We are preparing for ISO27k audit and this was very helpful to understand all the aspects.

  43. very well structured
    very well structured and presented

  44. Profile photo of esecuritym esecuritym says:

    Very interesting course
    Very interesting and instructive course

  45. Profile photo of sabad916 sabad916 says:

    ISO 27001 Made Easy!
    I find Dejan’s explanation of the course so easy to understand and follow. This has definitely increased my understanding of the entire process and relationships and I now feel even more confident taking this on as a project. In my humble opinion it should be called ‘ISO 27001 Made Easy’.

  46. Very useful
    Very useful and an excellent aid in producing a PID

    Good work Advisera Very convenient and knowledgeable

  48. Profile photo of svenbijvoet svenbijvoet says:

    Free and great course!
    Very helpfull course, not only for the standard but also for consolidating general knowledge in the field. In combination with the good articles and Dejan exceptional ebooks it gave me a very good understanding of the ISO 27000/22301 landscape. Thank you Dejan for this great work!

  49. Profile photo of GEORGINAM GEORGINAM says:

    This needs to be jazzed up a bit but is very thorough . My God get rid of that insipid beige and make it less monotone!

  50. Profile photo of M.Ardusso M.Ardusso says:

    Very interesting course
    I already had experience with implementing ISO27001 in a organization. I took this course as a refreshment course and the first 5 modules for me where repetitive, but non the less educative. The last module however I was quite surprised of how much the course teached me! Thanks for this free course!

  51. Very Interesting and Informative Course
    Good day

    Great foundation course indeed and at a right time for me. I am tasked with ISMS implementation as part of my KPI, the course really prepared me to knowing where to begin. I also created about 130 pages of notes from this invaluable and informative information. Thanks to the course convenor and the whole team of Advisera thumbs up. Looking forward to purchase and taking the exam while still fresh.

  52. Great Course!!!

    This is an awesome course just what I needed.I have a question though,will this also have an option to be PECB certified?

  53. Profile photo of hrick hrick says:

    Helped me a a german beginner
    Even for me as a German, this english course was well structured and understandable. Now I’m reading your book “Secure & Simple”. The first pages showed me the same good understandable english language and content, also fit for non native english speaker. After reading the book the next step will start with your documenation toolkit.
    So thanks for taking away my fear for implementing ISO 27001.

  54. Profile photo of m.paradiso m.paradiso says:

    Very good course
    Very good course for beginners and a very good Dejan that explained all the ISMS requirements as well as controls with examples.
    I would recommend this course for anyone starting out with ISO 27001.

  55. Profile photo of Gena M Gena M says:

    Great course!
    I love this course – the way it’s build and represented to us, the short and easy to understand videos, and the way of speaking clear and no rush – it feels like you are sitting in the class room with the real person. The website is very easy to access even from my phone, and it loads quick too, quicker then facebook. All I need is my headphones and little more time to finish the course faster. Thank you, guys! Great job! I’m looking forward for taking the test and the next course for internal auditing!

  56. Course review
    I am going through the contents and taking the tests, yet to purchased the exam and take the exam, hoping to the tackle the Auditing course and exam after this.
    So far clear and concise, inittially it is slow and painful but due to the contensts. I have just completed Module 3 starting module 4 and probably because the contnets is more interesting it is going in better .
    Contents is great hope to pass the exam this space

  57. Profile photo of vlad_371 vlad_371 says:

    Great Course
    Excellent staff. I like it very much. Can’t be better.

  58. Great tutor
    I am very thankful for the way the Dejan explained all the ISMS requirements as well as controls with examples.
    I have never come across such a tutor who explained all the points in short but effective way. I wish him all the best.

  59. Profile photo of llitzenb llitzenb says:

    Really useful course for beginners
    I would definitely recommend this course for anyone starting out with ISO 27001.

  60. Profile photo of Maria Maria says:

    Good course for beginners
    I was not familiar at all with ISO27001, I find this course very good. It is well structured, the information provided is relevant in each reading and video. The free toolkit is also a good help.

  61. Profile photo of sachinsavant sachinsavant says:

    Fantastic presentation and content coverage
    One of the best online trainings i have attended recently. complete coverage of ISO 27001 standards, requirements, basics, examples and supporting documentations. i will also explore on other courses and i am sure they will be as good as this one. Thank you very much.

  62. Profile photo of kleblanc65 kleblanc65 says:

    Course is well worth the time
    I definitely consider the course to be worthwhile. I am planning on also completing the auditing course. The information was broken up into good segments. I think the quizzes could have been a little better, topic-wise. It would also be nice to have a longer assessment test at the end. I hope to be able to purchase the certificate exam soon. Thank you for providing this very valuable resource.

  63. Profile photo of Jweimer Jweimer says:

    The videos are great. The quizzes . . . . not so much
    I love the videos. They’re great and very informative. The white papers, by in large, are repetitive. Sadly, the quizzes which are very good, are not scored accurately. When you look at the explanation, the “correct” answers often do not agree with items selected (e.g., there have been a number of instances where items that I have selected have been marked wrong, but . . . even more significant have been answers that I have NOT selected that have been marked as correct anyway.

  64. Profile photo of Mohammed Mohammed says:

    Great Great Course indeed
    This is a great foundation course, clear, to the point and include all what you need to start your first steps in ISO27001.

  65. Profile photo of wkoolstra wkoolstra says:

    Very helpful and well structured course
    The course, together with the extensive documents provided, gives a very good and solid insight into what is involved in going for 27001 certification and the steps to take.

  66. Great course
    Thank you very much for this helpfull and clearc ourse

  67. Profile photo of Hubert Hubert says:

    Great Course!
    Great Course!

    I found the course very well structured.

    The 27001 process and its dependent elements were well explained. Meanwhile, definitions and terms were also elaborated in simple English; making the whole concept easy to understand and applicable in real-life situation.

    I deeply appreciated and thanks very much for the sharing!

  68. Enjoyed the course - Wonderful
    Great course! I find this ISO 27001 course very pragmatic. It helped me fixing some vague concepts. I feel much confident now as I see from where to start should I implement it for my organisation. Thanks for sharing!

  69. Great course. I’m really learning a lot. Lots of additional reading and resources. My company wanted me to learn about ISO 27001 so that we could roll out at our company. I feel much more confident now that I had before taking this course.

  70. Fondation Course
    The course was excellent, a great concept.

  71. Profile photo of smj smj says:

    Foundation Course
    Impressive & great work .

  72. Profile photo of srkamath srkamath says:

    Excellent course, highly recommended
    Excellent course and highly recommended for beginners and information security professionals who want to brush up the ISO 27001 skills.

    The contents are well presented and spot on. No fluff just stuff. Highly recommended.

  73. Profile photo of rahma rahma says:

    An excellent course for beginners. It helps me clarify and organise ideas and concepts about the ISMS.

  74. Profile photo of Mathewsogutu Mathewsogutu says:

    Excellent Organisation
    Am enjoying the course mode of delivery the revisions and activity challenging and very informative to foster better understanding of the ISO requirement

  75. Profile photo of earlswood earlswood says:

    Excellent course for absolute beginners.

  76. Profile photo of shtywi shtywi says:

    البداية المثالية لشهادات متقدمة
    يمكن أعتبار هذه الدورة كحجر ارتكاز للانطلاق في عالم ISO27001 بحيث ستكتسب من خلال هذه الدورة جميع المفاهيم الاساسية للمعيار , ايضا ومن خلال سلسلة الفيديوهات ستتكمن من ربط المواد التي قمت بقراءتها مسبقا في بداية كل موضوع وستمكن من فهم الطريقة التي يمكنك التحدث بها عن موضوع المعيار ….. بمعنى أن الدورة لن تكسبك فقط مهارات نظرية عن موضوع المعيار بل ستعززها بمهارات حوارية من خلال الفيديوهات .

    أحببت أن أضع تقييم للدورة باللغة العربية لنقل تجربتي للناطقين بها

    أ.م صلاح الدين الشتيوي
    المدير الفني لشركة آمن الوطنية للاتصالات وأمن المعلومات
    طرابلس – ليبيا

  77. Profile photo of schumacherwo schumacherwo says:

    Godd instructor and material
    The articulation was very clear! The Content was very good. The sessions appropriate.

    Summary: very useful

  78. Profile photo of cmac cmac says:

    Really enjoying the course
    The content is appears to be quite comprehensive and logically organised it has been easy to follow and I have found this course very useful.

    Let you know how I do with the exam 🙂

  79. Profile photo of jgvidler jgvidler says:

    Comprehensive and easy to follow
    I have come form an InfoSec background and I am a CISSP so I was able to follow the concepts and content quite easily. Having said that, I believe the course material is such that anyone wanting to learn more about 27001 will benefit greatly from taking this course.

  80. Profile photo of tsutrisno tsutrisno says:

    Good Course and Easy to Understand
    I am new to Information Security and this course help me a lot to have basic understanding of ISO27001.

  81. Profile photo of Hesadrian Hesadrian says:

    Great Course but Vimeo
    Great Courses,

    but in my country all vimeo video are blocked by most ISP.

  82. Profile photo of eslam.osman eslam.osman says:

    professional, simple and direct
    Dejan is definitely a very good instructor.
    The videos are short, straight to the point and will organized, also the scenario is well constructed.
    over all, pretty professional and simple.
    might need a bit touches of more enthusiastic voice tone, animated examples or attractive visuals.

    overall, well done and hope for more particle examples about implementation methods of the standards

    Eslam Osman

  83. Profile photo of orlando56 orlando56 says:

    Your explanation for each section of the standard, even short, are very usefull and help a lot in summarizing all the standard’s concepts.
    Aslo your comments and practical experience are helping a lot.

  84. Profile photo of comet comet says:

    Excellent Course Delivery!!
    Hello Dejan,

    I really enjoyed every bit of the training though yet to tidy up but thus far it been a wonderful experience.

    The content of the referenced blog per module has been very helpful. It almost like a live training.

    Thumbs up to you and your team.


  85. Profile photo of aqeel.haider aqeel.haider says:

    Few Confusions
    Lectures are very good and delivered very impressively. But there is some confusion in my mind. i.e. you have included 4 to 7 mandatory clause in the planning phase with respect to PDCA model but if we see the IS top level policy is also made in Clause 5 of leadership. Kindly elaborate it. Furthermore, some other task are also performed during the 4 to 7 clause. Kindly reply as soon as possible. My email address is

    M. Aqeel Haider

  86. Profile photo of tecnec88 tecnec88 says:

    I’m very grateful having had the opportunity to take this course, It has been designed in a very easy way to understand this standard and it gave to me a comprehensive overview about the its structure and general operation and I could understand relationships with frameworks like COBIT and ITIL. It made me clear themes related with ISO 27002, 27005, 22301 and 31k.

    Keep it up!

    Best Regards

    Helman Darley-Bentley
    IT Chief Manager

  87. Profile photo of ErrolA ErrolA says:

    ISO 27001 Foundation Course
    G’day Dejan,

    I am very impressed with the outline and the presentation of this course. Your explanation of every step is very comprehensive and I would personally recommend this type of training to any employee or staff member that wants to understand the basics/foundation of the the ISO 27001:2013 ISMS framework standard.

    All the best

    Errol Abrahams

Frequently Asked Questions

You can access the course using your PC, Mac, or mobile device, using any major browser (i.e., Chrome, Mozilla, Internet Explorer, Safari); a broadband Internet link will also be needed. And, of course, enough time to attend the course.

The course is a combination of recorded video lectures, quizzes, reading, and other activities – the course takes you through all these materials in an optimal way.

After you finish attending the course, you can go for the exam – if you finish this exam successfully, i.e., if your score is above the minimum, then you will receive the certificate. By the way, during the exam we use an online proctoring service that will ask for proof of your identity, and make sure that you have taken the exam with no external help. Click here to learn more about online proctoring.

The exam, as well as the whole course, is completely done online, from your office, your home, or any other place convenient for you. For the exam we use an online proctoring service – click here to learn more.

Well, we have to make money somehow :). We have made most of the course freely available, but to access the exam and get the certificate you’ll have to pay a fee – by the way, this fee is by far smaller than the fee for attending the classroom-type course.

None. The course was made in such a way that a beginner in this topic can easily understand it.

You can access it any time – the course is a combination of recorded video lectures, quizzes, reading, and other activities, and because all those materials are readily available, you can access them at a time that is convenient for you.

No, you can attend the course as long as you like; however, you should try to finish it in a couple of weeks because otherwise, you won’t get enough benefits out of it.