

ISO 27002 Information Security Code of Practice Foundation

Course Type:
Training Costs:
Exam Costs:
Next Course:
R 6405
R incl. in course fee
2 days
Closed Course


Pink Elephant is globally accredited to provide ISO 27002™ Security Management education for the certification program. The organisation is accredited by the APM Group.

Your instructor is a highly experienced ISO 27002™ Security Management-certified member of Pink Elephant’s consulting team. Further, he or she is qualified to teach this course as defined by Pink Elephant’s internal Certified Trainer Program. You can expect to learn from an individual with the industry’s deepest knowledge on how to lead a successful implementation project. This knowledge is a direct result of Pink Elephant’s vendor neutrality as well as many years of experience implementing ISO 27002™ Security Management processes in a variety of organisations worldwide.


Information Security Foundation based on ISO/IEC 27002™ Certificate




This course prepares participants for the examination leading to the ISO 27002™ Security Management processes Certificate: Foundation. A 60-minute exam is scheduled on the last day of the course. It consists of 40 multiple choice questions. To help prepare attendees for the final exam, a sample exam is delivered during the course. A passing mark of 65% is required to receive your certificate.


International Standards give state of the art specifications for products, services and good practice, helping to make industry more efficient and effective.

The Course

ISO 27002™ Information Security Code of Practice establishes guidelines and principles for initiating, implementing, maintaining and improving information security management in an organisation. The standard is explicitly concerned with information security, including the security of all forms of information (e.g. computer data, documentation, knowledge and intellectual property) and not just IT/systems security or cyber security.

ISO/IEC 27002™ is a code of practice, not a formal specification such as ISO 27001™. It recommends information security controls addressing information security control objectives arising from risks to the confidentiality, integrity and availability of information. The two standards are intended to be used together, with one complementing the other.

Target Group

The ISO Standards training is designed to provide insight into and understanding of the basic processes, and is therefore especially suitable for:

  • CIOs
  • CTOs
  • CSOs
  • CFOs
  • VPs and AVPs
  • Anyone responsible for security, governance, audit, compliance, risk, service continuity and disaster recovery
  • Financial Directors
  • Quality Managers
  • Internal Consultants
  • Professional Consultants

Knowledge Objective

  • Information and security concepts
  • The value of information
  • The importance of reliability
  • The difference between threats and risks
  • The relationship between threats and reliability
  • Security Measures: Physical, technical and organisational
  • The importance and impact of legislative and regulatory mandates and compliance

