ISO/IEC 27001 Transition

The ISO/IEC 27001 Transition Course is designed for professionals who already hold ISO/IEC 27001 certification and need to transition their knowledge and certification to the updated standard. This course helps participants understand the changes, updates and new requirements in the latest version of the ISO/IEC 27001 standard and how to apply them effectively within an Information Security Management System (ISMS).

This transition course provides a clear and structured approach to understanding how the ISO/IEC 27001 standard has evolved and what the implications are for organisations and practitioners. Through comparative analysis and practical examples, participants learn how to adapt existing ISMS documentation, processes and practices to align with the updated standard. It is ideal for those who already work with ISO/IEC 27001 and need to maintain certification or ensure compliance with current version requirements.

Course objectives

Upon completing the course, participants will be able to:

  • Understand the key differences between the previous and current versions of ISO/IEC 27001
  • Identify and interpret new or revised requirements of the standard
  • Update existing ISMS frameworks to align with the latest version
  • Apply change strategies that support continual compliance and improvement
  • Prepare for the Transition certification exam

Prerequisites

Participants should have prior knowledge of ISO/IEC 27001, typically through Foundation or Implementer training, and practical experience working with an ISMS.

Target audience

This course is aimed at professionals holding current ISO/IEC 27001 certification, ISMS team members, auditors and managers who need to transition their certification or update their knowledge. It is also relevant for consultants supporting organisations with the transition to the new standard.

Overview of the updated ISO/IEC 27001 standard

The course begins with a detailed overview of the revised ISO/IEC 27001 standard. Participants explore how the structure, terminology and requirements have shifted compared to the previous version, with emphasis on practical implications for ISMS governance.

Key changes and revised requirements

Participants study the most significant updates in the standard and how these affect existing ISMS processes. The session involves comparative discussions and examples that illustrate how changes improve alignment with modern information security practices.

Adapting existing ISMS frameworks

This section focuses on how to update and adapt current ISMS documentation, controls and processes. Participants discuss best practices for transitioning without disrupting established organisational practices.

Application and integration

Participants learn how to apply changes within their own organisational context. This includes risk assessment adaptation, control alignment and reporting updates to support compliance and certification readiness.

Preparation for the Transition certification exam

The final part of the course is dedicated to preparing participants for the Transition certification exam. Key concepts are reviewed, and exam guidance and strategies are provided to support successful outcomes.

After successfully completing the exam, you can apply for the credential shown in the table below. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to Certification Rules and Policies.

The requirements for PECB Foundation Certification are:


Exam

For onsite classroom courses, the exam will take place at the end of the course.

For virtual courses, we will send out a voucher that gives you access to an online exam. This can be booked and taken at home, monitored by a proctor via camera. More information about the exam rules will be sent by PECB.

  • Multiple choice “closed book” exam where the candidates are not authorized to use anything but the exam paper and a pen or,
  • Duration: 1 hour (+ 10 min extra time for non-native)
  • The use of electronic devices, such as laptops, cell phones, etc., is not allowed.

Examination rules and policies

RECEIVE YOUR EXAM RESULTS

Results will be communicated by email within a period of 6 to 8 weeks after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme, which is explained in the course description.

In the case of a failure, the results will be accompanied by the list of domains in which the candidate failed, to provide guidance for exam retake preparation.

Candidates who disagree with the exam results may file a complaint by writing to examination@pecb.com or through the PECB ticketing system.

EXAM RETAKE POLICY

There is no limit on the number of times a candidate may retake an exam. However, there are some limitations on the allowed time frame between exam retakes:

  • Students who have completed the full training but failed the written exam are eligible to retake the exam once for free within a 12-month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required before the candidate can sit the same exam again. Regular fee applies.

For candidates who fail the exam in the 2nd retake, PECB recommends attending an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Practical information

Duration: 2 days
Price: 16 900
Language: English
Format: Open course and corporate training

FAQ

What will I learn in this course?
You will learn which changes and updates have been made in the latest version of ISO/IEC 27001, and how to adapt an existing ISMS to comply with the requirements.

What is required to participate?
You should have prior knowledge of ISO/IEC 27001, preferably through a Foundation or Implementer course, and experience with ISMS work.

How is the exam conducted?
The exam is taken either in person at the course venue or online with a voucher and an online proctor.

What happens if I do not pass the first exam?
You usually get one new exam attempt, which is taken online.

Do I get extra time on the exam?
You get extra time if English is not your native language, in line with the certification rules.

Which certification do I get?
After passing the exam, you obtain the PECB Certified ISO/IEC 27001:2022 Transition certification.

Do I get the ISO standard?
No, but you get access to a loan copy of the standard that can be used during the course and the exam.

What is the difference between Foundation, Implementer, Auditor and Transition?
Foundation provides a basic understanding of ISO/IEC 27001. Implementer is about establishing and managing an ISMS. Auditor focuses on auditing and assessment. Transition is about updating knowledge and certification to the new version of the standard.

Is this course relevant for managers?
Yes, the course is relevant for managers, security officers, consultants and people responsible for ISMS work who need to update their certification or practice.

Can I take this course as e-learning or self-study?
Yes, this course is also offered as e-learning. Registration can be made on the right-hand side.
