PECB ISO/IEC 27002 – Information Security Controls

What Is ISO/IEC 27002?

ISO/IEC 27002 is an international standard that provides guidelines for selecting and implementing information security controls and for implementing information security standards and practices. It applies to organisations of all industries or sizes. ISO/IEC 27002 can be used to develop information security management guidelines tailored to the specific context of an organisation.

Initially published in 2005 and updated in 2013, ISO/IEC 27002 was again revised and published in 2022. This new version provides a list of information security controls generally practised in the information security industry, along with guidelines for their implementation. ISO/IEC 27002 provides four categories of information security controls: organisational (clause 5), people (clause 6), physical (clause 7), and technological (clause 8).

Why is ISO/IEC 27002 important for you?

An ISO/IEC 27002 training course provides guidelines for implementing, managing, and continually improving information security management in an organisation.

Different organisations have different information security needs and capabilities. With that in mind, ISO/IEC 27002 controls are designed to be generic and flexible. The PECB ISO/IEC 27002 training courses aim to equip participants with the necessary knowledge for selecting, implementing, and managing such controls.

A PECB certification demonstrates the holder’s knowledge and ability to manage information security risks by applying relevant controls. It also proves their ability to help organisations preserve the confidentiality, integrity, and availability of information, protect against threats and vulnerabilities, and reduce information security risks. Individuals certified in ISO/IEC 27002 can be crucial members of an ISMS implementation team.

PECB ISO/IEC 27002 certification benefits

A PECB ISO/IEC 27002 certificate will prove that you have:

  • Understood the implementation of information security controls and control policies based on ISO/IEC 27002 guidelines
  • Obtained practical knowledge of the approaches and techniques used for the implementation and effective management of information security controls
  • Obtained the necessary expertise to support an organisation in planning, implementing, and managing information security controls
  • Understood risk management and its importance in determining appropriate information security controls
  • Gained the ability to support organisations in continually improving their information security management system

How do I get started with ISO/IEC 27002 training?

KRUCEK experts will gladly assist you with the certification process and with obtaining the PECB Certified ISO/IEC 27002 certificate.
