ISO/IEC 27002 Foundation Training introduces participants to the key principles and practices of information security management as outlined in the ISO/IEC 27002 standard. This course provides a comprehensive overview of the guidelines for implementing and managing security controls to protect information assets.
Participants will explore the framework of ISO/IEC 27002, including its structure, control objectives, and the detailed set of controls for information security management. The training covers essential topics such as risk management, security control implementation, and maintaining an effective security posture. Ideal for those new to the standard or looking to understand how to apply its guidelines within their organization, this training lays the groundwork for developing robust information security practices aligned with international standards.
Learning Objectives
After taking this course, you will be able to:
- Describe the core ideas behind information security, cybersecurity, and privacy using ISO/IEC 27002.
- Examine the connections between ISO/IEC 27001, ISO/IEC 27002, and other normative structures.
- In the particular context of an organization, interpret the ISO/IEC 27002 organizational, human, physical, and technology controls.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.