ISO/IEC 27002 Lead Manager

The ISO/IEC 27002 Lead Manager training course enables participants to develop the necessary knowledge and skills for supporting an organization in effectively determining, implementing, and managing information security controls. The training course provides information that will help participants interpret the ISO/IEC 27002 controls in the specific context of an organization.

The PECB ISO/IEC 27002 Lead Manager Certification demonstrates that you have acquired the necessary expertise for determining adequate information security controls needed to treat the risks identified by a risk assessment process. The training course is followed by an exam. If you pass, you can apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.

Learning objectives:

Upon successfully completing the training course, participants will be able to:

  • Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
  • Acknowledge the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
  • Interpret the ISO/IEC 27002 information security controls in the specific context of an organization
  • Support an organization in effectively determining, implementing, and managing information security controls based on ISO/IEC 27002
  • Explain the approaches and techniques used for the implementation and effective management of information security controls

Audience:

This training course is intended for:

  • Managers or consultants seeking to enhance their knowledge regarding the implementation of information security controls in an ISMS based on ISO/IEC 27001
  • Individuals responsible for maintaining information security, compliance, risk, or governance in an organization
  • IT professionals or consultants seeking to enhance their knowledge in information security
  • Members of an ISMS implementation or information security team

Prerequisites:

The main requirements for participating in this training course are having a fundamental understanding of ISO/IEC 27002 and comprehensive knowledge of information security controls.
 
 

Day 1 – Introduction to ISO/IEC 27002

The course begins with an overview of the training objectives and structure, giving participants clarity on what they will achieve. Participants are introduced to ISO/IEC 27002 and its role within the ISO/IEC 27000 family, including how it complements ISO/IEC 27001 and other standards. The focus is on understanding the purpose of information security controls and how they help organisations protect assets and manage risk.

Day 2 – Information security roles and people-centric controls

Day two focuses on the human and organisational aspects of information security controls, including roles, responsibilities and people-oriented measures. Participants explore controls related to staff, awareness, training and human resources practices that support a secure environment and minimise risk.

Day 3 – Technical and physical controls

Day three addresses controls related to assets, access management and the technical and physical protection of systems and data. Participants learn how to interpret and implement these controls in ways that are proportionate to organisational risks and operational demands — including networks, systems, devices and infrastructure.

Day 4 – Incident management, testing and monitoring controls

Day four focuses on organisational controls linked to incident management, testing and monitoring activities. Participants explore how to establish processes for detecting, reporting and responding to security events, as well as practices for ongoing testing and measurement of control effectiveness.

Day 5 – Certification Exam

The final day is dedicated to preparation for and completion of the certification exam. Participants review key topics and clarify complex areas before taking the official exam in line with PECB requirements.

After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to the Certification Rules and Policies.

Certification 27002.png

Exam

The exam is will take place at the end of the course on onsite classroom courses

For Virtual courses we will send out a voucher that gives you access to an online exam. This can be booked and taken home monitored by a proctor via camera. More information about the exam rules will be send from PECB

  • Duration: 3 hour (+ 30 min extra time for non-native)

The exams an Multiple Choice; candidates are only authorized to use the following reference materials:

  • A copy of the standard (candidates need to bring their own copy of the standard).
  • Course notes from the Participant Handout. (If applicable)
  • Any personal notes made by the student during the course. (If applicable)
  • A hard copy dictionary

Examination rules and policies

Practical information

Duration: 5 days
Price: 27 900 NOK 
Language: English
Format: Open course and virtual delivery available

FAQ

Hva lærer jeg på dette kurset?
Du lærer hvordan du tolker, implementerer og styrer informasjonssikkerhetskontroller i tråd med ISO/IEC 27002 for å støtte et effektivt styringssystem.

Hva kreves for å delta?
Du bør ha grunnleggende forståelse av ISO/IEC 27002 og solid kjennskap til informasjonssikkerhetskontroller.

Hvordan gjennomføres eksamen?
Eksamen tas enten fysisk på kursstedet eller online med voucher og online eksamensvakt, avhengig av leveringsformat.

Hva skjer hvis jeg ikke består første eksamen?
Du får vanligvis ett nytt eksamensforsøk som kan gjennomføres online.

Får jeg ekstra tid på eksamen?
Ja, ekstra tid gis dersom engelsk ikke er ditt morsmål, i tråd med sertifiseringsreglene.

Får jeg ISO-standaren?
Nei, men du får tilgang til en lånestandar som du kan bruke under kurset og eksamen.

Hvilken sertifisering får jeg?
Etter godkjent eksamen oppnår du PECB Certified ISO/IEC 27002 Provisional manager sertifiseringen. For å få full sertifisering kan det også stilles krav til dokumentert arbeidserfaring. Sjekk tabellen under sertifisering for mer informasjon.

Er dette kurset relevant for ledere?
Ja, kurset passer for ledere, informasjonssikkerhets-, compliance- og risikoteam som jobber med styring og kontrolltiltak.

Kan jeg ta dette kurset som e-læring eller selvstudium?
Ja, dette kurset tilbys også som virtuelle alternativer der tilgjengelig.

See other relevant courses:

Other subject areas:

Other relevant courses

ISO/IEC 27001 Foundation
23. March
2 days
Classroom Virtual Guaranteed to run
ISO/IEC 27001 Introduction
1 days
Classroom
ISO/IEC 27001 Lead Auditor
13. April
5 days
Classroom Virtual
ISO/IEC 27001 Lead Implementer
13. April
5 days
Classroom Virtual On Demand Guaranteed to run