ISO 27001 Foundation

ISO 27001 Foundation Training course and certification exam

Become acquainted, through ISO 27001 Foundation training, with the best practices for implementing and managing an Information Security Management System (ISMS) based on ISO 27001:2013.


Scheduled dates: 27-Aug-2018, Lisbon; 08-Oct-2018, Lisbon; 12-Nov-2018, Live Training.
This two-day course enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013, as well as the best practices for implementing the information security controls of the fourteen domains.
This training also helps participants understand how ISO 27001 and ISO 27002 relate to ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).
Training Methodology
The ISO 27001 Foundation training course is based on both theory and practice sessions with:

  • Lectures illustrated with examples based on real cases.
  • Review exercises to assist with exam preparation. To benefit from the practical exercises, the number of training participants is limited.
  • Practice test similar to the certification exam.

This course can be delivered in the classroom or as Live Training.
Live Training brings the dynamic environment of the classroom to your desk. Using your computer, you interact with the trainer and the other trainees as if you were with them in the classroom.

  • Members of an information security team
  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
  • Staff involved in the implementation of the ISO 27001 standard
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
Learning Objectives
At the end of the course students should be able to:

  • understand the implementation of an Information Security Management System in accordance with ISO 27001
  • understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • know the concepts, approaches, standards, methods and techniques needed to effectively manage an Information Security Management System
  • acquire the knowledge necessary to contribute to implementing an Information Security Management System (ISMS) as specified in ISO 27001
  • understand the relationship between ISO 27001 and other management standards such as ISO 9000 and ISO 20000
  1. Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001
    • Introduction to the ISO 27000 family of standards
    • Introduction to management systems and the process approach
    • Fundamental principles of information security
    • General requirements: presentation of the clauses 4 to 8 of ISO 27001
    • Implementation phases of ISO 27001 framework
    • Continual improvement of Information Security
    • Conducting an ISO 27001 certification audit
  2. Implementing controls in information security according to ISO 27002
    • Principles and design of information security controls
    • Documentation of an information security control environment
    • Monitoring and reviewing the information security controls
    • Examples of implementation of information security controls based on ISO 27002 best practices
  3. ISO 27001 Foundation Certification Exam
  • ISO 27001 is an auditable Information Security Management System (ISMS).
  • ISO 27001 allows certification and international recognition of an organization. It allows access to new markets and optimization of operations, and it helps improve quality, productivity, competitive advantage, customer satisfaction and sales.
  • The ISO 27001 Foundation course bases its pedagogical model on a certification program aligned with the ISO 17024 standard, which defines the requirements for the certification of persons, fulfilling the recommendations of ISO.
  • The ISO 27001 Foundation course is oriented towards the acquisition of best practices for implementing and managing an Information Security Management System (ISMS) as specified in the ISO/IEC 27001:2013 standard. Thus, throughout the course, in addition to the basic concepts of an ISMS, reference is made to the information security controls of the eleven domains of ISO 27002 and to how ISO 27001 and ISO 27002 relate to ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).
  • The certification exam is monitored by an official Behaviour administrator.
  • The ISO 27001 Foundation certification exam is conducted at the end of the course, on the last day of training, in the form of a multiple-question exam.
  • Upon passing the exam, the professional will achieve one of the ISO 27001 certification levels. In case of failure, the professional may repeat the exam at no additional cost, within 1 year after the date of the 1st examination.
  • The Behaviour Pedagogical Model aims to provide a learning environment conducive to the acquisition of competences, in accordance with the objectives of each training program. By promoting interaction, participation and appreciation of experiences, we contribute to meaningful learning, certification and international recognition but, above all, to the development of critical thinking and autonomy.
  • Behaviour is an organization accredited by DGERT (Portuguese Government Entity) and certified to ISO 9001. Behaviour has its Quality Management System (QMS) implemented in accordance with the requirements of ISO 9001, the requirements of DGERT, the requirements of the European standard NP 4512 and the standard ISO 10015.
The “Certified ISO 27001 Foundation” exam fully covers the following competence domains:

  • Domain 1: Fundamental principles and concepts of information security
  • Domain 2: Information Security Management System (ISMS)

The “Certified ISO 27001 Foundation” exam is available in English.
Duration: 1 hour.
The exam result is sent to the candidate by email within eight weeks after the examination and is reported as a qualitative grade: “Pass” or “Fail”.
In the case of a failure, the result will be accompanied by the list of domains in which you had a mark lower than the passing grade.

After successfully completing the exam, participants can apply for the credentials of Certified ISO 27001 Foundation.

A certificate of Certified ISO 27001 Foundation will be issued to participants who successfully pass the exam and comply with all the other requirements related to this credential.

The ISO 27001 Foundation certification program is aligned with the ISO 17024 standard.

The requirements for the “Foundation” certification are:

  • Certification: ISO 27001 Foundation
  • Exam: ISO 27001 Foundation
  • Professional Experience: None
  • ISMS Audit Experience: None
  • ISMS Project Experience: None
Our specialists are renowned consultants and auditors, with several years of experience in implementation, auditing and training in the ISO 27000 family, with particular focus on ISO 27001, ISO 27005 and their associated standards.
Some of our experts work directly on the improvement of these standards through their participation in the committees responsible for these standards in various countries.
General Information
  • Training in English.
  • Course manual in English, containing over 200 pages of information and practical examples.
  • Behaviour Participation Certificate with 14 CPD (Continuing Professional Development) credits.
  • Certification exam.
  • Certification Diploma after successful examination and formal process registration. This process has no associated cost.
  • Coffee break in the morning and afternoon (applies to all training sessions that take place in Behaviour facilities).
Participants' evaluation: 4.2 out of 5
Dates and Investment


(*) All dates of this course are guaranteed only for the events that take place in Lisbon. In other locations the events are subject to a minimum number of participants.
At Behaviour, all courses in Lisbon take place regardless of the number of trainees in the room. The concept of setting up classes does not exist in our educational model, which is why all public dates presented on the website are guaranteed. So whether you’re in Portugal or anywhere else in the world, you can plan your week or your trip, as long as you secure your registration in the course.
