ISO 27001 Foundation

Accredited Training Course and exam (EXIN) in only 2 days

Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities.

The international standard for Information Security Management ISO/IEC 27001 is a widely respected and referenced standard and provides a framework for the organization and management of an information security program. Implementing a program based on this standard will serve an organization well in its goal of meeting many of the requirements faced in today’s complex operating environment. A strong understanding of this standard is important to the personal development of every information security professional.

This intensive 2-day course provides a good understanding of the ISO/IEC 27001 information security management framework, basic concepts, benefits and considerations related to setting up an Information Security Management System (ISMS). At the end of the course, participants will take the 60-minute exam to obtain the international qualification EXIN Information Security Foundation based on ISO/IEC 27001 Certificate.


The session Information Security Foundation based on ISO/IEC 27001 (2 Days) (EXIN) is intended for everyone in the organization who is processing information. The module is also suitable for entrepreneurs of small independent businesses for whom some basic knowledge of information security is necessary. This module can be a good start for new information security professionals.

This course and the EXIN Information Security Foundation based on ISO 27001 Certificate (exam taken at the end of the session) are the mandatory entry point for any person wanting to obtain the EXIN ISO/IEC 27001 Professional Certificate.


There is no pre-requisite for the foundation qualification but an interest and/or background in information security or service management would be an advantage.


EXIN Information Security Foundation based on ISO/IEC 27001 is a certification that validates a professional’s knowledge about:

  • Information and security: the concept, the value, the importance and the reliability of information,
  • Threats and risks: the concepts of threat and risk and the relationship with the reliability of information,
  • Approach and organization: the security policy and security organization including the components of the security organization and management of (security) incidents,
  • Measures: the importance of security measures including physical, technical and organizational measures,
  • Legislation and regulations: the importance and impact of legislation and regulations.

Course syllabus

Welcome & Introduction

Module 1: Information & security (10%)

  • The Concept of Information
  • The value of information
  • Reliability Aspects

Module 2: Threats and Risks (30%)

  • Threats and Risks
  • Relationships between Threats, Risks and the Reliability of Information

Module 3: Approach and Organization (10%)

  • Security Policy and Security Organization
  • Components
  • Incident Management

Module 4: Measures (40%)

  • Importance of Measures
  • Physical Security Measures
  • Technical Measures
  • Organizational Measures

Module 5: Legislation and Regulation (10%)

  • Legislation and Regulation

Exam preparation

  • FAQ about the exam
  • Practice exam and group review

Official EXIN Information Security Foundation based on ISO/IEC 27001 Online Exam

Closing & Questions


The official EXIN Information Security Foundation based on ISO/IEC 27001 exam is included in the package.

  • The exam consists of 40 multiple-choice questions which cover all 5 areas of the ISO/IEC 27001 Foundation syllabus. Each question is worth 1 point
  • Styles of question: selection of the correct answer from a choice of 3 or 4 options
  • Exam duration: 60 minutes
  • Pass mark: 65% (26/40)
  • Exam type: Closed book and no electronic equipment/aids permitted


Alain Bonneaud
CISA® - CISM® - CGEIT® - COBIT® - ISO 27001 - ITIL® - PRINCE2® - RESILIA® - VeriSM™ - ISO 20000 - DevOps

Terms & Conditions

The following terms and conditions apply for bookings:

  • the session is led by a trainer accredited by EXIN on ISO/IEC 27001,
  • personalized welcome in the classroom with mineral water and breaks,
  • accredited training material,
  • exam preparation,
  • online exam: EXIN Information Security Foundation based on ISO/IEC 27001 exam,
  • 2AB & Associates Participation Certificate,
  • 2AB & Associates is an accredited EXIN ATO; an official certificate will be issued to participants,
  • a group of 10 participants max. in order to ensure the quality of the training delivery.



Course fees must be paid at least 10 working days prior to the commencement of the course in order to guarantee your place. We accept payment by Direct Debit, credit card, PayPal or bank transfer. Payment made by credit card will incur the following charges: MasterCard (1.5%), Visa (1.5%), American Express (3.0%).


Go Green: all training material is provided in electronic format.