ISO 27001 Foundations Course

In this online course you’ll learn everything you need to know about ISO 27001, including all the requirements and best practices for compliance. The course is made for beginners in information security and ISO standards, and no prior knowledge is needed to take this course.

The exam from this ISO 27001 foundation course is certified by Exemplar Global (formerly RABQSA). After passing the exam you will receive a certificate proving that you attained Information Security Management Systems competency.

The course is organized into 6 modules, where each module has several video lectures and quizzes that will help you learn more quickly, as well as a recap quiz that will prepare you for the certification exam – please see below for the content of each module. All the video lectures are pre-recorded, so you can take the course from anywhere, at any time for your convenience.

  • The total course duration, including the reading of required materials, is approximately 8 hours.
  • Materials provided in the course (video lectures, articles, and practice exams) are everything you need to successfully pass the certification exam.
  • There is no time limit for taking the course, but it is recommended that you finish it within one week’s time.
  • Access to this course and the quizzes is completely free; the fee for the certification exam is US$ 249. After you pass the exam, we’ll send you your certificate in a matter of days.
  • After you purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures and quizzes, links to additional reading, and access to the practice exams.

Course Curriculum

Introduction
Introduction to the course 04:00:00
Module 1 - Introduction to ISO 27001
Introduction & suggested reading 00:00:00
What is ISO 27001? 01:30:00
The structure of ISO 27001 02:30:00
Information security principles 02:30:00
Introduction to the Information Security Management System 02:30:00
Implementing ISO 27001 requirements 03:00:00
Implementing ISO 27001 as a project 01:30:00
Documenting ISO 27001 requirements 03:30:00
ISO 27001 Benefits 02:30:00
Related documentation 00:00:00
Certification FAQs 00:00:00
Recap quiz 00:00:00
Module 2 - The planning phase
Introduction & suggested reading 00:00:00
Understanding your organization and its context [clause 4.1] 02:30:00
Understanding the needs and expectations of interested parties [clause 4.2] 02:00:00
Determining the scope of the ISMS [clause 4.3] 02:00:00
Leadership and commitment [clause 5.1] 02:00:00
Information Security Policy [clause 5.2] 01:00:00
Organizational roles, responsibilities and authorities [clause 5.3] 02:30:00
Information security objectives [clause 6.2] 02:30:00
Resources [clause 7.1] 02:00:00
Competence [clause 7.2] 01:30:00
Awareness [clause 7.3] 01:30:00
Communication [clause 7.4] 01:30:00
Documented information [clause 7.5] 03:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 3 - Risk management
Introduction & suggested reading 00:00:00
Addressing risks and opportunities [clause 6.1.1] 02:00:00
Risk management process [clause 6.1.2] 02:30:00
Information security risk assessment – Risk identification [clause 6.1.2] 03:00:00
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] 03:00:00
Information security risk treatment [clause 6.1.3] 03:00:00
Statement of Applicability [clause 6.1.3] 02:00:00
Risk treatment plan [clause 6.1.3] 00:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 4 - The Do phase
Introduction & suggested reading 00:00:00
Formulating the risk treatment plan [clause 6.1.3] 02:00:00
Implementing the risk treatment plan [clause 8.3] 01:30:00
Operational planning and control [clause 8.1] 02:30:00
Operating the ISMS [clause 8] 01:00:00
Managing outsourcing of operations [clause 8.1] 02:30:00
Controlling changes [clause 8.1] 02:30:00
Risk assessment review [clause 8.2] 02:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 5 - The Check and Act phases
Introduction & suggested reading 00:00:00
Monitoring, measurement, analysis, and evaluation [clause 9.1] 04:00:00
Internal audit [clause 9.2] 03:00:00
Management review [clause 9.3] 03:00:00
Nonconformities and corrective actions [clause 10.1] 04:30:00
Continual improvement [clause 10.2] 02:30:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 6 - Annex A – Control objectives and controls
Introduction & suggested reading 00:00:00
Introduction to Annex A – Reference control objectives and controls 02:30:00
Structure of Annex A 04:00:00
Information security policies [A.5] 02:00:00
Organization of information security [A.6] 02:30:00
Human resources security [A.7] 01:30:00
Asset management [A.8] 02:30:00
Access control [A.9] 02:00:00
Cryptography [A.10] 02:00:00
Physical and environmental security [A.11] 03:00:00
Operational security [A.12] 03:30:00
Communications security [A.13] 04:00:00
System acquisition, development and maintenance [A.14] 04:30:00
Supplier relationships [A.15] 02:30:00
Information security incident management [A.16] 03:30:00
Information security aspects of business continuity management [A.17] 03:00:00
Compliance [A.18] 03:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Instructions for taking the exam and obtaining the certificate 00:00:00

Benefits of getting the certificate

The certificate of competence proves that you attended the eTraining course and that you passed the exam certified by Exemplar Global (formerly RABQSA). This ensures that you understand and can apply the knowledge you gained in each of the course's modules.

How to get certified?

It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Pass the online certification exam.

Bonuses with the certificate

Once you purchase the certificate, you will receive the following bonuses:

SECURE & SIMPLE: A Small-Business Guide to Implementing ISO 27001 On Your Own (eBook)

The plain English, step-by-step handbook for information security practitioners.

In this book, Dejan Kosutic, an author and experienced information security consultant, is giving away all his practical know-how on successful ISO 27001 implementation. No matter if you’re new or experienced in the field, this book gives you everything you will ever need to implement ISO 27001 on your own.

Course Script (PDF)

If you decide to purchase the exam, you will get the PDF script from the course completely free. The script includes everything said in the videos and all quizzes.

This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Free exam retake

Once you purchase the exam, you will be able to retake it.

This means, if you do not pass the exam on your first attempt, you can retake it one time, free of charge.

There is no mandatory waiting period between the two attempts.

Practice Exam

With the purchase of the exam, you get access to practice exams. You can use these exams to test your knowledge and familiarize yourself with the exam environment.

The results from the practice exam do not have any effect on the results of the final exam.

Frequently Asked Questions

No, you can attend the course as long as you like; however, you should try to finish it in a couple of weeks because otherwise, you won’t get enough benefits out of it.

You can access it any time – the course is a combination of recorded video lectures, quizzes, reading, and other activities, and because all those materials are readily available, you can access them at a time that is convenient for you.

None. The course was made in such a way that a beginner in this topic can easily understand it.

Well, we have to make money somehow :). We have made most of the course freely available, but to access the exam and get the certificate you’ll have to pay a fee – by the way, this fee is far smaller than the fee for attending a classroom-type course. Additionally, when you pay for the certificate, you will be able to download PDF scripts of all the video lectures, activity questions, practice exams, and links to additional reading. This way, you can access the content from the course and prepare for the exam much more easily.

The exam, as well as the whole course, is done completely online, from your office, your home, or any other place convenient for you. By the way, during the exam we use an online proctoring service that will ask for proof of your identity, and make sure that you have taken the exam with no external help.

After you finish attending the course, you can go for the exam – if you finish this exam successfully, i.e., if your score is above the minimum, then you will receive the certificate. Click here to learn more about the ISO 27001 Foundations Course Certificate.

The course is a combination of recorded video lectures, quizzes, reading, and other activities – the course takes you through all these materials in an optimal way.

You can access the course using your PC, Mac, or mobile device, using any major browser (i.e., Chrome, Mozilla, Internet Explorer, Safari); a broadband Internet connection will also be needed. And, of course, enough time to attend the course.

The materials provided in the course – recorded video lectures, quizzes, readings, practice exams, and other activities – are everything you need to successfully pass the exam and obtain the certificate. The best part is: they are completely free with unlimited access!

If you decide to purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures, quiz questions, links to additional reading, and access to the practice exams. This way, you can prepare for the exam much more easily.

OUR PARTNERS

  • Advisera is an Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.