The new version of ISO/IEC 27001 has recently been published and is now aligned with the new version of ISO/IEC 27002, which was published in February 2022. The major changes between ISO/IEC 27001:2022 and ISO/IEC 27001:2013 are in the information security controls of Annex A, while a few minor changes appear in the clauses of the standard as well. Furthermore, the title of ISO/IEC 27001:2022 differs from the title of ISO/IEC 27001:2013, as the standard is now titled Information security, cybersecurity and privacy protection — Information security management systems — Requirements.
The “PECB ISO/IEC 27001 Transition” training course provides detailed information on the revised clauses, the new terminology, and the differences in the controls of Annex A. Additionally, this training course provides participants with the necessary knowledge to support organizations in planning and implementing the changes in their ISMS to ensure conformity with ISO/IEC 27001:2022. As such, you will be able to participate in projects to transition from an ISMS based on ISO/IEC 27001:2013 to an ISMS based on ISO/IEC 27001:2022.
Once you become acquainted with the new concepts and requirements of ISO/IEC 27001:2022 by attending the training course, you can sit for the exam, and if you successfully pass it, you can apply for the “PECB Certified ISO/IEC 27001 Transition” credential. This certificate will prove that you have up-to-date knowledge and professional capabilities to successfully update an ISMS based on the requirements of ISO/IEC 27001:2022.
Upon successfully completing the training course, participants will be able to:
After successfully completing the exam, you can apply for the credential shown in the table below. For more information about ISO/IEC 27001 certifications and the PECB certification process, please refer to Certification Rules and Policies.
The requirements for PECB Foundation Certification are:
There are no prerequisites, but a certification in ISO 27001 is recommended.
Introduction to ISO/IEC 27001:2022 and comparison to ISO/IEC 27001:2013
Comparison between Annex A controls of ISO/IEC 27001:2013 and ISO/IEC 27001:2022
For onsite classroom courses, the exam will take place at the end of the course.
For virtual courses, we will send out a voucher that gives you access to an online exam. This can be booked and taken at home, monitored by a proctor via camera. More information about the exam rules will be sent by PECB.
Results will be communicated by email in a period of 6 to 8 weeks after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.
Candidates who successfully complete the examination will be able to apply for a certification scheme, which is explained in the course description.
In the case of a failure, the results will be accompanied by the list of domains in which the candidate failed, to provide guidance for exam retake preparation.
Candidates who disagree with the exam results may file a complaint by writing to email@example.com or through the PECB ticketing system.
There is no limit on the number of times a candidate may retake an exam. However, there are some limitations on the time allowed between exam retakes, such as:
After the fourth attempt, a waiting period of 12 months from the last session date is required before the candidate can sit again for the same exam. The regular fee applies.
For candidates who fail the exam in the 2nd retake, PECB recommends attending an official training in order to be better prepared for the exam.
To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.