International standard for Information Security management

We are APMG accredited trainers. Get recognised with us.

We offer flexible learning options (online, instructor-led, hybrid) to fit your learning style.

Our recent hybrid class! In support of safe management in light of COVID19, classes may be run virtually.


Course duration: 3 days, 9am – 5pm

An instructor-led classroom training course providing a foundational understanding of the requirements of the Information Security Management System (ISMS) and what is needed for compliance with the requirements of the ISO27001:2022 standard.

ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls.

This course will give participants foundation-level knowledge of how the standard operates in a typical organization and will also cover areas like Risk Management, Compliance, Cyber Security, Information Management & Analysis.

  • The scope and purpose of ISO/IEC 27001 and how it can be used.
  • The key terms and definitions used in the ISO/IEC 27000 series.
  • The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement.
  • The processes, their objectives and high level requirements.
  • Applicability and scope definition requirements.
  • Use of controls to mitigate IS risks.
  • The purpose of internal audits and external certification audits, their operation and the associated terminology.
  • The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

This qualification is aimed at those who are:

  • Internal managers and personnel working to implement, maintain and operate an ISMS within an organization.
  • External consultants supporting an organization’s implementation, maintenance and operation of an ISMS.
  • Internal auditors who are required to have an applied knowledge of the standard.

Delegates who successfully complete the course and pass the exam will be recognized as ISO27001 Foundation certified under the APMG certification scheme.

Delegates who do not meet the requirements stipulated in the pre-requisites stated above, or who fail the exam, will be awarded a course attendance certificate only.

The format of the examination is:

  • Multiple choice format
  • 50 questions per paper
  • 25 marks or more required to pass (out of 50 available) – 50%
  • 40-minute duration
  • Closed book.

There are no pre-requisites for this course.

APMG ISO/IEC27001 Foundation

Physical/Virtual sessions available. Enquire to find out more!

Find out more »

Complimentary refresher

Participants can attend a complimentary refresher if they wish.

Post-training support

Should you have questions after the course, you may contact the trainer for assistance regarding the course material.