ISO/IEC 27005 Foundation

ISO/IEC 27005 Foundation is a two-day training course that focuses on the information security risk management process introduced by ISO/IEC 27005 and the structure of the standard. It provides an overview of the guidelines of ISO/IEC 27005 for managing information security risks, including context establishment, risk assessment, risk treatment, communication and consultation, recording and reporting, and monitoring and review.

After attending the training course, you can sit for the exam. If you successfully pass the exam, you can apply for the “PECB Certificate Holder in ISO/IEC 27005 Foundation” designation. This certificate demonstrates that you have a general knowledge of ISO/IEC 27005 guidelines for information security risk management.

Learning objectives: 

Upon successful completion of this training course, you will be able to:

  • Describe the main risk management concepts, principles, and definitions
  • Interpret the guidelines of ISO/IEC 27005 for managing information security risks
  • Identify approaches, methods, and techniques used for the implementation and management of an information security risk management program

Audience:

  • Risk management professionals 
  • Professionals wishing to get acquainted with the guidelines of ISO/IEC 27005 for information security risk management
  • Personnel tasked with managing information security risks in their area of responsibility
  • Individuals interested in pursuing a career in information security risk managemen

Certification:

After successfully completing the exam, you can apply for the credential shown on the table below. For more information about ISO/IEC 27005 certifications and the PECB certification process, please refer to Certification Rules and Policies.

The requirements for PECB Foundation Certification are:27005 Fou certification.png

Prerequisites: 

There are no prerequisites required. 

Course outline

Introduction to ISO/IEC 27005 and fundamental concepts of information security risk management

Information security risk management and certificate exam

The exam is will take place at the end of the course on onsite classroom courses

For Virtual courses we will send out a voucher that gives you access to an online exam. This can be booked and taken home monitored by a proctor via camera. More information about the exam rules will be send from PECB.

 

  • Multiple choice “closed book” exam where the candidates are not authorized to use anything but the exam paper and a pen or,
  • Duration: 1 hour (+ 10 min extra time for non-native)
  • The use of electronic devices, such as laptops, cell phones, etc., is not allowed.

Examination rules and policies

RECEIVE YOUR EXAM RESULTS

Results will be communicated by email in a period of 6 to 8 weeks, after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme which is explained in the course description.

In the case of a failure, the results will be accompanied with the list of domains in which the candidate had failed to provide guidance for exams’ retake preparation.

Candidates, who disagree with the exam results, may file a complaint by writing to examination@pecb.com or through PECB ticketing system.

EXAM RETAKE POLICY

There is no limit on the number of times a candidate may retake an exam. However, there are some limitations in terms of allowed time-frame in between exam retakes, such as:

  • Students, who have completed the full training but failed the written exam, are eligible to retake the exam once for free within a 12 month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required, in order for candidate to sit again for the same exam. Regular fee applies.

For the candidates that fail the exam in the 2nd retake, PECB recommends to attend an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Other relevant courses

ISO 27005 Risk Manager Course
10. February
3 days
Classroom Virtual
ISO/IEC 27001 Foundation
28. November
2 days
Classroom Virtual Guaranteed to run
ISO/IEC 27001 Introduction
1 days
Classroom
ISO/IEC 27001 Lead Auditor
27. January
5 days
Classroom Virtual