APMG ISO/IEC27000 Foundation

Course ID: ISO/IEC27000F 3 Days


ISO/IEC 27000 is the international standard for Information Security. It defines the requirements for and provides details of the information security management system (ISMS) needed to provide information security to the organization of an acceptable quality, together with guidance on how to demonstrate conformity with the standard.

This 3-day course is aimed at those wishing to demonstrate Foundation-level knowledge of ISO/IEC 27000 and its use in an IT organization. It does not require any formal knowledge of information security.

The training is delivered in a way that includes sufficient generic information security content to allow ISO/IEC 27000 to be understood in the context of how the standard operates in a typical IT organization.



This qualification is aimed at those who are:

  • Supporting the implementation, operation or maintenance of an ISMS within an organization
  • Required to audit an ISMS and to have a basic understanding of the standard
  • Working within an organization with an ISMS, whether the organization is already certified or is considering certification to ISO/IEC 27001
  • Preparing for the ISO/IEC 27001 Practitioner qualification.




Instructor-led / Virtual Instructor-led

Singapore SGD1,950
Malaysia MYR4,500
Thailand: Upon Request
India: USD1,500


No Prerequisite.


The candidate should understand the scope, objectives, key terminology and high-level requirements of the ISO/IEC 27001 standard, how it is used in an organization for information security, and the main elements of the certification process.

Specifically, the candidate should understand:

  • The scope and purpose of ISO/IEC 27001 and how it can be used
  • The key terms and definitions used in the ISO/IEC 27000 series
  • The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement
  • The processes, their objectives and high level requirements
  • Applicability and scope definition requirements
  • Use of controls to mitigate IS risks
  • The purpose of internal audits and external certification audits, their operation and the associated terminology
  • The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

Possession of the Foundation Certificate meets the pre-requisites for the Practitioner qualification.


Module 1: Introduction to and background of ISO/IEC 27000

Module 2: The APMG certification scheme

Module 3: ISO/IEC 27000 Standards family overview

Module 4: ISO/IEC 27001 and Annex A

Module 5: The terms, definitions and requirements contained in ISO/IEC 27000

Module 6: The fundamental requirements for an Information Security Management System and the need for continual improvement

Module 7: Eligibility, scoping requirements and the role of process owners and practitioners in the preparation for ISO/IEC 27000 certification

Module 8: Assessments, informal and RCB audits, and the associated terminology

Module 9: Exam practice and preparations

What’s Next

APMG ISO/IEC27000 Practitioner
