About the certification


ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. The ISO/IEC 27000 Foundation is a certification intended for IT professionals seeking to validate their knowledge of Information Security Management Systems (ISMS) in accordance with the ISO/IEC 27000. The ISO/IEC 27000 Foundation certification exam is based on the ISO/IEC 27000 International Standard.

The exam covers topics such as Scope of the ISO/IEC 27000, Normative references, Terms and definitions, Information security management systems (Overview and principles, Information, Information security, Management, and Management system), importance of an ISMS, Establishing, monitoring, maintaining and improving an ISMS (Identifying information security requirements, Assessing information security risks, Treating information security risks, Selecting and implementing controls, Monitor, maintain and improve the effectiveness of the ISMS, Continual improvement), ISMS critical success factors, Benefits of the ISMS family of standards, ISMS family of standards (ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27006, ISO/IEC 27007, ISO/IEC TR 27008, ISO/IEC 27009, ISO/IEC 27010, ISO/IEC 27011, ISO/IEC 27013, ISO/IEC 27014, ISO/IEC TR 27016, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27019, ISO/IEC 27021, and ISO 27799).

The ISO/IEC 27000 Foundation certification exam is an online, closed-book, and remotely-proctored exam. It includes 40 multiple-choice questions and the passing score is 70%. Candidates will have 60 minutes to complete the exam. Validate your knowledge of Information Security Management Systems (ISMS) and advance your career. Register for your online exam now!





Information Security Risk Management Foundation n

Exam details


Exam code

ITC-092

Launch date

September 26, 2023

Exam description

The ISO/IEC 27000 Foundation exam tests the candidate knowledge in Information security management systems in accordance with the ISO/IEC 27000:2018.

Current version

v1 (September 26, 2023)

Exam format

Multiple choice; computer-based; closed book; online proctored exam

Number of questions

40 questions

Passing score

70% (28 out of 40)

Exam duration

60 minutes

Level

Foundation

Languages

English

Exam description

The exam covers topics such as Scope of the ISO/IEC 27000, Normative references, Terms and definitions, Information security management systems (Overview and principles, Information, Information security, Management, and Management system), importance of an ISMS, Establishing, monitoring, maintaining and improving an ISMS (Identifying information security requirements, Assessing information security risks, Treating information security risks, Selecting and implementing controls, Monitor, maintain and improve the effectiveness of the ISMS, Continual improvement), ISMS critical success factors, Benefits of the ISMS family of standards, ISMS family of standards (ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27006, ISO/IEC 27007, ISO/IEC TR 27008, ISO/IEC 27009, ISO/IEC 27010, ISO/IEC 27011, ISO/IEC 27013, ISO/IEC 27014, ISO/IEC TR 27016, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27019, ISO/IEC 27021, and ISO 27799).

RECOMMENDED HOURS OF STUDY

16 hours

Bloom's Taxonomy

Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying)

Recommended reading

• ISO/IEC 27000:2018 Information technology - Security techniques - Information security management systems - Overview and vocabulary - The Standard is available for download here

Prerequisites

There are no prerequisites for this certification

Recommended experience

Six months of work experience in Information Security Management Systems (ISMS)

Validity period

Lifetime

Exam Content Outline


   Domains Weight

1. The scope of ISO/IEC 27000

10%

2. Terms and definitions

30%

3. Information security management systems

30%

4. ISMS family of standards

30%

   Total

100%

How to get certified


1

Browse our certification programs and choose your certification.

2

Discover the exam objectives and prepare for your exam.

3

Register for your online proctored exam.

4

Take your online proctored exam in the comfort of your home or office.

5

Congratulations! You are certified!

Stackable Certifications


Earn 4 certifications and receive an integrator certification (designation).

Information Security Management Foundation (ISO/IEC 27001)

Information Security Risk Management Foundation (ISO/IEC 27005)

GDPR Foundation

Personal Information Protection Foundation (PIPEDA) OR LGPD Foundation
Certified Data Protection Officer (DPO)

Frequently Asked Questions


  • How much does an ITCERTS certification exam cost?

    All exams are available for $150 USD each. Prices may vary slightly by region and currency exchange rates.

  • Are there any prerequisites to take the exams?

    There are no prerequisites to take the exams. ITCERTS recommends that candidates have at least six months of work experience in the area that the certification exam covers.

  • What is the exam retake policy?

    If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).

  • How do I register for an Online Proctored Exam?

    Visit the Online Proctored Exam registration page to find complete instructions.

  • Are there any mandatory training to take an exam?

    Training is recommended as part of your certification preparation, but it is not mandatory.

  • Which languages are the exams available in?

    Our exams are currently available in English and Portuguese.

  • Where can I take the exams?

    Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.

  • Do the ITCERTS certifications expire?

    ITCERTS certifications are considered good-for-life and do not expire.

  • How can a potential employer verify my certifications?

    Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.

Subscribe

Subscribe


Subscribe to our newsletter