ISO 27001 Foundations Course
This beginner-level course is designed to teach you all of the key information that you need to understand the ISO 27001 standard and how to implement it for your business. The course is certified by ASIC, and certification is available (for an additional $349 fee), which proves your proficiency in the ISO 27001 standard.
The course is designed in six modules and will take approximately eight hours to complete. Each module consists of video lectures, exercises, and a recap quiz to help prepare you for the certification exam. Most customers complete the course within one week of starting.
Certification includes:
- A bonus PDF with scripts from the course for notes and additional resources.
- Practice exams to prepare you for the final certification exam.
- Certificate of completion with LinkedIn badge.
Course instructor: Dejan Kosutic
Course language: English
Course Curriculum
Introduction
Introduction to the course | 04:00:00
Module 1 - Introduction to ISO 27001
Introduction & suggested reading | 00:00:00
What is ISO 27001? | 01:30:00
The structure of ISO 27001 | 02:30:00
Information security principles | 02:30:00
Introduction to the Information Security Management System | 02:30:00
Implementing ISO 27001 requirements | 03:00:00
Implementing ISO 27001 as a project | 01:30:00
Documenting ISO 27001 requirements | 03:30:00
ISO 27001 Benefits | 02:30:00
ISO 27001 Benefits – Real-life exercise | 00:00:00
Related documentation | 00:00:00
Certification FAQs | 00:00:00
Recap quiz | 00:00:00
Module 2 - The planning phase
Introduction & suggested reading | 00:00:00
Understanding your organization and its context [clause 4.1] | 02:30:00
Understanding the needs and expectations of interested parties [clause 4.2] | 02:00:00
Determining the scope of the ISMS [clause 4.3] | 02:00:00
Leadership and commitment [clause 5.1] | 02:00:00
Information Security Policy [clause 5.2] | 01:00:00
Organizational roles, responsibilities and authorities [clause 5.3] | 02:30:00
Information security objectives [clause 6.2] | 02:30:00
Resources [clause 7.1] | 02:00:00
Competence [clause 7.2] | 01:30:00
Awareness [clause 7.3] | 01:30:00
Communication [clause 7.4] | 01:30:00
Documented information [clause 7.5] | 03:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 3 - Risk management
Introduction & suggested reading | 00:00:00
Addressing risks and opportunities [clause 6.1.1] | 02:00:00
Risk management process [clause 6.1.2] | 02:30:00
Information security risk assessment – Risk identification [clause 6.1.2] | 03:00:00
Exercise: Information security risk assessment – Risk identification | 00:00:00
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] | 03:00:00
Information security risk treatment [clause 6.1.3] | 03:00:00
Statement of Applicability [clause 6.1.3] | 02:00:00
Risk treatment plan [clause 6.1.3] | 00:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 4 - The Do phase
Introduction & suggested reading | 00:00:00
Formulating the risk treatment plan [clause 6.1.3] | 02:00:00
Implementing the risk treatment plan [clause 8.3] | 01:30:00
Operational planning and control [clause 8.1] | 02:30:00
Operating the ISMS [clause 8] | 01:00:00
Managing outsourcing of operations [clause 8.1] | 02:30:00
Controlling changes [clause 8.1] | 02:30:00
Risk assessment review [clause 8.2] | 02:00:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 5 - The Check and Act phases
Introduction & suggested reading | 00:00:00
Monitoring, measurement, analysis, and evaluation [clause 9.1] | 04:00:00
Internal audit [clause 9.2] | 03:00:00
Management review [clause 9.3] | 03:00:00
Nonconformities and corrective actions [clause 10.2] | 04:30:00
Continual improvement [clause 10.1] | 02:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 6 - Overview of Annex A
Introduction & suggested reading | 00:00:00
Introduction to Annex A | 00:00:00
People controls | 00:00:00
Physical controls | 00:00:00
Technological controls – overview and new controls | 00:00:00
Technological controls – software development | 00:00:00
Technological controls – operational security | 00:00:00
Organizational controls – policies and responsibilities | 00:00:00
Organizational controls – information and asset management | 00:00:00
Organizational controls – operational security | 00:00:00
Organizational controls – supplier security | 00:00:00
Organizational controls – incidents and business continuity | 00:00:00
Organizational controls – compliance, privacy, and legal aspects of security | 00:00:00
Instructions for taking the exam and obtaining the certificate | 00:00:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Instructions for taking the exam and obtaining the certificate | 00:00:00
Benefits of getting the certificate
The certificate of competence proves that you attended the eTraining course and that you passed the exam certified by ASIC. This ensures that you understand and can apply the knowledge you gained in each of the course's modules.
How to get certified?
It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Pass the online certification exam.
Bonuses with the certificate
Once you purchase the certificate, you will receive the following bonuses:

SECURE & SIMPLE: A Small-Business Guide to Implementing ISO 27001 On Your Own (eBook)
The plain English, step-by-step handbook for information security practitioners.
In this book, Dejan Kosutic, an author and experienced information security consultant, is giving away all his practical know-how on successful ISO 27001 implementation. No matter if you’re new or experienced in the field, this book gives you everything you will ever need to implement ISO 27001 on your own.

Course Script (PDF)
If you decide to purchase the exam, you will get the PDF script from the course completely free. The script includes everything said in the videos and all quizzes.
This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Free exam retake
Once you purchase the exam, you will be able to retake it.
This means, if you do not pass the exam on your first attempt, you can retake it one time, free of charge.
There is no mandatory waiting period between the two attempts.

Practice Exam
With the purchase of the exam, you get access to practice exams. You can use these exams to test your knowledge and familiarize yourself with the exam environment.
The results from the practice exam do not have any effect on the results of the final exam.
Frequently Asked Questions
No, you can attend the course as long as you like; however, you should try to finish it in a couple of weeks because otherwise, you won’t get enough benefits out of it.
You can access it any time – the course is a combination of recorded video lectures, quizzes, reading, and other activities, and because all those materials are readily available, you can access them at a time that is convenient for you.
None. The course was made in such a way that a beginner in this topic can easily understand it.
Well, we have to make money somehow :). We have made most of the course freely available, but to access the exam and get the certificate you’ll have to pay a fee – by the way, this fee is by far smaller than the fee for attending the classroom-type course. Additionally, when you pay for the certificate, you will be able to download PDF scripts from all of the video lectures, activity questions, practice exams, and links to additional reading. This way, you can access the content from the course and prepare for the exam much more easily.
The exam, as well as the whole course, is done completely online, from your office, your home, or any other place convenient for you. By the way, during the exam we use an online proctoring service that will ask for proof of your identity, and make sure that you have taken the exam with no external help.
After you finish attending the course, you can go for the exam – if you finish this exam successfully, i.e., if your score is above the minimum, then you will receive the certificate.
The course is a combination of recorded video lectures, quizzes, reading, and other activities – the course takes you through all these materials in an optimal way.
You can access the course using your PC, Mac, or mobile device, using any major browser (e.g., Chrome, Mozilla, Internet Explorer, Safari); a broadband Internet connection will also be needed. And, of course, enough time to attend the course.
The materials provided in the course – recorded video lectures, quizzes, readings, practice exams, and other activities – are everything you need to successfully pass the exam and obtain the certificate. The best part is: they are completely free with unlimited access!
If you decide to purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures, quiz questions, links to additional reading, and access to the practice exams. This way, you can prepare for the exam much more easily.