The ISO/IEC 27002 Lead Manager training course enables participants to acquire a comprehensive knowledge and understanding of the implementation and management of information security controls based on ISO/IEC 27002.
The ISO/IEC 27002 Lead Manager training course equips participants with the essential knowledge and skills to support an organization in effectively identifying, implementing, and managing information security controls. This course provides the necessary guidance to interpret and apply the controls defined in ISO/IEC 27002 within an organization’s specific operational context.
Achieving the PECB ISO/IEC 27002 Lead Manager certification demonstrates that you possess the advanced expertise required to determine appropriate information security controls for mitigating risks identified through a formal risk assessment process.
Following the course, participants may take the certification examination. A passing score qualifies candidates to apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.
This training course is designed for:
Upon successfully completing this training course, participants will be able to:
The training course integrates theoretical concepts with practical application, using guided instruction and real-world examples for implementing and managing information security controls.
The curriculum includes essay-type exercises and multiple-choice quizzes, many of which are based on realistic scenarios.
Participants are encouraged to collaborate and engage in discussions while completing exercises and quizzes.
The format of the quizzes is designed to closely resemble the structure of the official certification examination.
After successfully completing the exam, you can apply for one of the credentials shown on the table below. You will receive a certificate once you fulfill all the requirements of the selected credential.
| Credential | Exam | Professional experience | ISCMS project experience | Other requirements |
|---|---|---|---|---|
| PECB Certified ISO/IEC 27002 Provisional Manager | PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27002 Manager | PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent | Two years: One year of work experience in Information Security Management | Information Security Management activities: a total of 200 hours | Signing of the PECB Code of Ethics |
| PECB Certified ISO/IEC 27002 Lead Manager | PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent | Five years: Two years of work experience in Information Security Management | Information Security Management activities: a total of 300 hours | Signing of the PECB Code of Ethics |
| PECB Certified ISO/IEC 27002 Senior Lead Manager | PECB Certified ISO/IEC 27002 Lead Manager Exam, or equivalent | Ten years: Seven years of work experience in Information Security Management | Information Security Management activities: a total of 1,000 hours | Signing of the PECB Code of Ethics |
Information security activities should adhere to established best practices for implementation and management, which include the following key components:
Developing an implementation plan for an Information Security Management System (ISMS).
Managing a project for the implementation of information security measures.
Establishing and executing defined information security processes.
Selecting appropriate information security processes.
Implementing effective information security controls.
The training course fee is comprehensive and includes all applicable certification and examination costs.
Participants will receive extensive training materials comprising over 450 pages of instructional content, practical examples, exercises, and quizzes.
Attendees who complete the training will be awarded a certificate of course completion, accredited for 31 Continuing Professional Development (CPD) credits.
Candidates who do not pass the examination on their first attempt are eligible for one complimentary retake within a 12-month period from the initial exam date.
Course agenda
Day 1: Introduction to ISO/IEC 27002
Day 2: Roles and responsibilities, assets, policies, and people controls
Day 3: Physical controls and protection of information systems and networks
Day 4: Information security incident management and testing and monitoring of information security controls based on ISO/IEC 27002
Day 5: Certification exam
