Become acquainted with the best practices of Information Security Risk Management based on ISO/IEC 27005

ISO/IEC 27005 Foundation

Why should you attend?

ISO/IEC 27005 Foundation training enables you to learn the basic elements to manage Information Security Risks as specified in ISO/IEC 27005. During this training course, you will be able to understand the concepts and models of Information Security Risk Management.

After completing this course, you can sit for the exam and apply for the Certified ISO/IEC 27005 Foundation credential. A Foundation Certificate shows that you have understood the fundamental methodologies, processes and management approach.


Who should attend?

  • Individuals interested in Information Security Risk Management
  • Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
  • Individuals interested to pursue a career in Information Security Risk Management


Learning objectives

  • Understand the concepts of Information Security Risk Management in accordance with ISO/IEC 27005
  • Acknowledge the correlation between ISO/IEC 27005 and other standards and regulatory frameworks
  • Understand the approaches, methods and techniques used for Information Security Risk Management


Educational approach

  • Lecture sessions are illustrated with practical questions and examples
  • Practical exercises include examples and discussions
  • Practice tests are similar to the Certification Exam




Course Agenda

Day 1: Introduction to fundamental concepts of Risk Management related to Information Security by using ISO/IEC 27005

Day 2: Information Security Risk Management approaches and Certification Exam


The Certified ISO/IEC 27005 Foundation exam fully meets the requirements of the Examination and Certification Programme (ECP). The exam covers the following competency domains:

Domain 1: Fundamental principles and concepts of Risk Management in Information Security

Domain 2: Information Security Risk Management approaches and processes

For more information about exam details, please visit Examination Rules and Policies.


After successfully completing the exam, you can apply for the credential shown on the table below. For more information about ISO/IEC 27005 certifications and the certification process, please refer to the Certification Rules and Policies.

The requirements for Foundation Certifications are:

Credential Exam Professional experience Risk Management experience Other requirements
Certified ISO/IEC 27005 Foundation Certified ISO/IEC 27005 Foundation exam or equivalent None None Signing the Code of Ethics

General Information

  • Certification fees are included on the exam price
  • Training material containing over 200 pages of information and practical examples will be distributed
  • A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
  • In case of exam failure, you can retake the exam within 12 months for free.

Signup to our Newsletter!

You will always be updated on news and courses of our company