Become acquainted with the best practices of Information and Communication Technology (ICT) based on ISO/IEC 29100

ISO/IEC 29100 Foundation

Why should you attend?

The ISO/IEC 29100 Foundation training course enables you to gain knowledge on the fundamentals of designing, implementing, operating, and maintaining Information and Communication Technology (ICT) systems that handle and protect Personally Identifiable Information (PII).

After attending this training course, you can sit for the exam, and if you successfully pass the exam, you can apply for the Certified ISO/IEC 29100 Foundation credential.  A Foundation certificate shows that you have understood the concepts, principles, and the basic structure of the implementation and management of a privacy framework based on the ISO/IEC 29100 international standard.

Who should attend?

  • Individuals involved and concerned with privacy security
  • Privacy security managers responsible for defining the privacy safeguarding requirements related to PII within an ICT environment
  • Data protection and privacy officers

Learning objectives

  • Comprehend the privacy principles of ISO/IEC 29100
  • Understand the concepts, principles, requirements, main processes, and best practices of privacy protection based on ISO/IEC 29100
  • Understand the approaches, methods, and techniques used for the implementation and management of a privacy framework

Educational approach

  • Lecture sessions are illustrated with practical questions and examples.
  • Practical exercises include examples and discussions.
  • The participants are encouraged to intercommunicate and engage in discussions and exercises.
  • Exercise questions are similar to the certification exam questions.



Course agenda

Day 1: Introduction to principles and concepts of a privacy and security framework based on ISO/IEC 29100

Day 2: Designing and developing an organizational privacy management framework based on ISO/IEC 29100 and the certification exam


The Certified ISO/IEC 29100 Foundation exam complies with the Examination and Certification Program (ECP) requirements. The exam covers the following competency domains:

Domain 1: Introduction to ISO/IEC 29100 and initiation of a privacy framework

Domain 2: Planning and implementation of a privacy framework

In case the candidates fail the exam, they can retake the exam within twelve months following the initial exam for free.

*Note: This applies only to the candidates who have attended the training course.

For detailed information on the examination process, please visit Examination Rules and Policies.


After successfully passing the exam, you can apply for the credential shown on the table below. You will receive the certificate once you comply with all the requirements related to the selected credential. Certification fees are included in the exam price.

For more information about the certification process, please refer to the Certification Rules and Policies.

The requirements for Foundation Certification are:

Credential Exam Professional experience MS audit/ assessment experience ISMS project experience Other requirements
Certified ISO/IEC 27001 Foundation Certified ISO/IEC 27001 Foundation exam or equivalent None None None Signing the Code of Ethics

General Information

  • Participants will be provided with the training material containing over 200 pages of explanatory information and practical examples.
  • An Attendance Record worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the course.