ISO 27002 Foundation
The ISO27002 is a code of practice for information security. Its essence outlines hundreds of potential controls and control mechanisms, and may be implemented under the guidance provided within ISO27001.ISO27001 standard deals with the set‐up of the information security process and represents the specification for an Information Security Management System (ISMS). The ISO27002 standard, which is also known as the “Code for Information Security”, contains guidelines for measures in the area of information security. The guidelines in the ISO27002 standard deal with the organizational, procedural, physical and logical aspects of information security.
The subjects of this module are:
- Information and security: the concept, the value, the importance and the reliability of information;
- Threats and risks: the concepts of threat and risk and the relationship with the reliability of information;
- Approach and organization: the security policy and security organization including the components of the security organization and management of (security) incidents;
- Measures: the importance of security measures including physical, technical and organizational measures
- Legislation and regulations: the importance and impact of legislation and regulations
Information and security concepts: the value of the information and the importance of its reliability
Threats and risks: The relation between threats and reliability
Approach to the organization of the Security Information Policies
Security measures: technical and organizational
Legislation and regulations: its importance and implications
Design and Implementation of the ISMS according to the ISO27001 standard
Certification of the ISMS according to the ISO27001 standard
The examination for EXIN Information Security Foundation based on ISO/IEC 27002 is intended for everyone in the organization who is processing information. The module is also suitable for entrepreneurs of small independent businesses for whom some basic knowledge of information security is necessary. This module can be a good start for new information security professionals.
Number of Questions – 40 multiple-choice
Open book – No
Electronic equipment allowed – No
Pass mark – 65% (26 out of 40)
The difference is that the ISO 27001 standard has an organizational focus and details requirements against which an organization’s Information Security Management System (ISMS) can be audited. … On the other hand, ISO 27002 are best practices that are not mandatory.
ISO/IEC 27002 Foundation training enables you to learn the basic elements to implement Information Security Controls as specified in ISO/IEC 27002. During this training course, you will be able to understand how ISO/IEC 27001 and ISO/IEC 27002 are related to ISO/IEC 27003 (Guidelines for the implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).
Passed the DevOps Masters certification from Exin. Many thanks to excellent trainer of SkillMetrix who was able to cover all the facts in practical sense and relate to the theoretical aspects in devops. It was a great learning.
Ashwin Antony Enterprise Service ArchitectYes course was useful and we had a good collaboration. I have passed my exam too. Thank you so much for all your support!
Gopinath S SIAM FoundationThank You SkillMetrix. TOGAF Session was really good inclusive of Presentation & Delivery. Entire training delivery session was timely followed in strict sense.
Rajesh Yalmare TOGAF Level 1 & Level 2 Combined ProgramThis is one of the best training organization. I appreciate the quality of learning material provided. I got all the required information and help from the trainer and also from the support team. Great team work. Keep it up.
Vijay Papneja ISTQB FoundationI attended ITIL Foundation Training at SkillMetrix Pune, I must say it was worth to every minute I spend there. The trainer was given by professional working in IT industry for numerous years and worked on actual projects having knowledge of in & out of all process. Linking what was explained to books was piece of cake. Needless to say I passed with flying colors in Certification exam. Do not take this certification because everyone else is doing it but do it because it gives your valuable knowledge for best practices.
Deepak Magar ITIL FoundationI believe I have used SkillMetrix for more than 4 years now. Customer service and support are a big strength and of course your training facilitators and curriculum. Being in overseas, It is great to have the online learning facility and also accommodating the time that suits the participants was a key factor to me. Keep up your good work. I don't think of any improvements, maintaining this will definitely enhance SkillMetrix profile.
Arun Thavasi EXPERT, PRINCE2, MSP and TOGAFIt was nice experience in training duration for me. Learnt many new things which will help me in future. Thanks for your help and support which you have shown for me.
Sunil Thorat ITIL Foundation