PECB ISO/IEC 27005 Foundation Training Course

The ISO 22301 Overview training program provides you with a solid understanding of the fundamental principles of a Business Continuity Management System (BCMS).

Through participation in the ISO 22301 Overview course, you will gain insight into the significance of establishing a Business Continuity Management System and the advantages it offers to organizations, society, and public sectors.

Target Audience:

• Professionals with an interest in Business Continuity Management.
• Those aiming to learn about the core processes of a Business Continuity Management System (BCMS).

Learning Outcomes:

• Gain knowledge of the concepts, methodologies, and techniques required to implement a Business Continuity Management System.
• Identify the fundamental components of a Business Continuity Management System.

Upon completing this training course, you will be eligible to take the examination. If you pass, you may apply for the “Certified ISO 22301 Lead Implementer” credential. This internationally recognized certification validates your professional competence and practical expertise in implementing a Business Continuity Management System (BCMS) in accordance with ISO 22301 requirements.

Target Audience

• Project managers and consultants engaged in business continuity activities
• Expert advisors aiming to master the implementation of a Business Continuity Management System
• Professionals responsible for ensuring organizational compliance with BCMS requirements
• Members of the BCMS team

Learning Objectives

• Develop a thorough understanding of the concepts, methodologies, and techniques used to implement and effectively manage a BCMS
• Learn to interpret and apply the requirements of ISO 22301 within the specific context of your organization
• Gain insight into the operation of a BCMS and its processes as defined by ISO 22301
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and continuously improving a BCMS

Training Methodology

• This course is grounded in theory, industry best practices for implementation, and the specific requirements of ISO 22301 for establishing a BCMS.
• Lectures are complemented by practical exercises based on a case study, including role-playing scenarios and group discussions.
• Participants are encouraged to actively interact and engage in collaborative discussions and exercises.
• The practice exercises closely mirror the format and style of the certification examination.

Key Details

• The certification fee is included in the examination price. After completing the course, you can schedule your exam.
• Participants receive comprehensive training materials containing over 450 pages of explanatory content and practical examples.
• An Attendance Record conferring 31 CPD (Continuing Professional Development) credits will be issued to attendees who complete the training course.
• Candidates who do not pass the exam may retake it within 12 months of the initial attempt at no additional cost.

Why attend this course?

The ISO/IEC 27001 Foundation training provides you with the essential knowledge to implement and manage an Information Security Management System (ISMS) in accordance with the standards outlined in ISO/IEC 27001. Throughout the course, you will gain a comprehensive understanding of various ISMS components, including policy formulation, procedural documentation, performance metrics, management commitment, internal auditing, management reviews, and the cycle of continual improvement.

Upon successful completion of the course, you will be eligible to take the examination and pursue the "PECB Certified ISO/IEC 27001 Foundation" credential. Holding a PECB Foundation Certificate demonstrates your mastery of the core methodologies, requirements, frameworks, and management approaches associated with information security.

Target Audience

• Professionals currently engaged in Information Security Management.
• Individuals aiming to acquire knowledge regarding the key processes of Information Security Management Systems (ISMS).
• Those interested in launching or advancing a career in Information Security Management.

Teaching Methodology

• Lectures are supported by practical questions and real-world examples.
• Practical exercises incorporate examples and collaborative discussions.
• Practice tests closely mirror the format of the actual Certification Exam.

The ISO/IEC 27002 Lead Manager training is designed to equip you with the essential expertise and knowledge required to assist an organization in implementing and managing Information Security controls, as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the examination and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification validates that you have mastered the principles and techniques necessary for implementing and managing Information Security Controls in accordance with ISO/IEC 27002.

Target Audience

• Managers or consultants aiming to implement an Information Security Management System (ISMS) aligned with ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the ISMS implementation process
• Professionals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• IT expert advisors
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning Objectives

• Gain mastery in implementing Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Develop a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Understand the interrelationships between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Recognize the critical role of information security in organizational strategy
• Acquire proficiency in implementing information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational Approach

• This training integrates both theoretical foundations and practical applications
• Lectures supplemented with examples drawn from real-world scenarios
• Hands-on exercises based on case studies
• Review sessions to support exam preparation
• Practice tests modeled after the certification examination

General Information

• Certification fees are included in the exam price
• Participants will receive training materials containing over 500 pages of information and practical examples
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In the event of an unsuccessful exam attempt, candidates may retake the exam free of charge within 12 months

The ISO/IEC 27005 Lead Risk Manager training provides you with the essential expertise to assist an organization throughout the risk management process for all assets pertinent to Information Security, using ISO/IEC 27005 as the reference framework. This course offers comprehensive insight into the process model required to design and develop an Information Security Risk Management program. Participants will also gain a deep understanding of best practices for risk assessment methods, including OCTAVE, EBIOS, MEHARI, and harmonized TRA. Furthermore, this training supports the implementation of the ISMS framework outlined in the ISO/IEC 27001 standard.

Upon mastering the key concepts of Information Security Risk Management based on ISO/IEC 27005, you are eligible to take the exam and apply for the “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. Holding a PECB Lead Risk Manager Certificate demonstrates that you possess the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001, or those involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully complies with the requirements of the PECB Examination and Certification Programme (ECP). The exam assesses the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information security risk assessment
• Domain 4 Information security risk treatment
• Domain 5 Information security risk communication, monitoring and improvement
• Domain 6 Information security risk assessment methodologies

General Information

• Certification fees are included in the exam price
• Training material, containing over 350 pages of information and practical examples, will be distributed
• A participation certificate awarding 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

The ISO 28000 Lead Implementer training equips you with the essential expertise to help an organization establish, implement, manage, and maintain a Supply Chain Security Management System (SCSMS) aligned with ISO 28000. Throughout this course, you will gain a deep understanding of best practices for SCSMS and learn how to enhance the efficiency of managing potential security risks and their impacts on the organization’s supply chain.

Once you have mastered the core concepts of Supply Chain Security Management Systems, you can take the exam to apply for the “PECB Certified ISO 28000 Lead Implementer” credential. Holding this PECB Lead Implementer Certificate demonstrates that you possess the practical knowledge and professional skills necessary to implement ISO 28000 within an organization.

Who should attend?

• Managers or consultants involved in Supply Chain Security Management
• Expert advisors aiming to master the implementation of a Supply Chain Security Management System
• Individuals responsible for ensuring compliance with SCSMS requirements
• SCSMS team members

Learning objectives

• Understand the relationship between ISO 28000 and other standards and regulatory frameworks
• Master the concepts, approaches, methods, and techniques used for implementing and effectively managing an SCSMS
• Learn how to interpret ISO 28000 requirements within the specific context of an organization
• Gain the ability to support an organization in planning, implementing, managing, monitoring, and maintaining an SCSMS
• Acquire the expertise to advise organizations on implementing best practices for Supply Chain Security Management Systems

Educational approach

• This training combines theoretical knowledge with best practices used in SCSMS implementation
• Lecture sessions are enriched with examples derived from case studies
• Practical exercises utilize case studies that include role-playing and group discussions
• Practice tests mirror the format and difficulty of the Certification Exam

General Information

• The certification fee is included in the exam price
• Training materials containing over 450 pages of information and practical examples will be provided
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• If you do not pass the exam, you may retake it free of charge within 12 months

ISO 37001:2025 is an international standard for Anti-Bribery Management Systems (ABMS) that outlines requirements and guidance to help organizations of any size or sector prevent, detect, and address bribery risks.

This instructor-led live training, available online or on-site, is designed for beginner to intermediate professionals seeking to understand and support the implementation or auditing of an anti-bribery management system based on ISO 37001:2025.

Upon completion of this training, participants will be able to:

• Comprehend the structure and objectives of ISO 37001:2025.
• Apply anti-bribery requirements within real-world organizational settings.
• Create and oversee effective internal controls and reporting mechanisms.
• Assist organizations in achieving regulatory compliance and upholding ethical integrity.

Course Format

• Interactive lectures and discussions.
• Analysis of real-world case studies and examples.
• Scenario-based exercises and collaborative group work.

Customization Options

• To request a customized training session, please reach out to us to make arrangements.

ISO 37301 is an international standard that defines the criteria for establishing, developing, implementing, evaluating, maintaining, and enhancing an effective compliance management system (CMS).

This instructor-led, live training (available online or onsite) is designed for beginner to intermediate-level professionals who want to understand, implement, or audit a compliance management system in accordance with ISO 37301.

Upon completion of this training, participants will be able to:

• Grasp the structure, purpose, and scope of ISO 37301.
• Execute the essential components of a compliance management system (CMS).
• Recognize compliance risks and opportunities throughout the organization.
• Integrate the ISO 37301 CMS with existing governance, risk, or ISO systems.

Course Format

• Interactive lectures and discussions.
• Practical exercises and real-world case studies.
• Group activities and compliance scenario simulations.

Customization Options

• For customized training arrangements, please contact us.

ISO 9001 and ISO 27001 are globally recognized standards dedicated to quality management systems and information security management systems, respectively.

This instructor-led live training, available both online and onsite, is designed for intermediate-level professionals who want to master the interpretation of ISO 9001 and ISO 27001 standards and conduct internal audits with precision.

Upon completion of this training, participants will be equipped to:

• Grasp the fundamental principles and mandatory requirements of ISO 9001 and ISO 27001.
• Apply the interpretation of clauses and controls to real-world business contexts.
• Effectively plan and execute internal audits in alignment with ISO standards.
• Identify nonconformities and formulate appropriate corrective actions.

Format of the Course

• Interactive lectures and group discussions.
• Simulated auditing exercises and case studies.
• Practical analysis of quality and security scenarios.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Who can attend?

• Professionals aiming to perform and lead information security management system (ISMS) audits
• Managers or consultants who wish to master the information security management system audit process
• Staff members tasked with ensuring organizational compliance with ISMS requirements
• Technical experts preparing for information security management system audits
• Specialist advisors in the field of information security management

Learning objectives

Upon completing this training course, participants will be able to:

1. Describe the core concepts and principles of an information security management system (ISMS) as defined by ISO/IEC 27001
2. Analyze ISO/IEC 27001 ISMS requirements from an auditor's viewpoint
3. Assess ISMS conformity with ISO/IEC 27001 standards, applying fundamental audit concepts and principles
4. Plan, execute, and finalize an ISO/IEC 27001 compliance audit in line with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and established auditing best practices
5. Oversee an ISO/IEC 27001 audit program

Educational approach

• The training combines theoretical foundations with best practices utilized in ISMS audits
• Lectures are enriched with examples derived from case studies
• Hands-on exercises utilize a case study format, incorporating role-playing and group discussions
• Practice tests mirror the format of the Certification Exam

This instructor-led, live training in Slovakia (online or onsite) is designed for intermediate professionals aiming to develop a systematic approach to identifying, analyzing, and resolving problems through RCA methodologies.

By the end of this training, participants will be able to:

• Understand essential concepts of RCA and continuous improvement cycles.
• Apply different RCA tools to identify the root cause of problems.
• Develop and implement effective problem-solving strategies.
• Integrate RCA into organizational improvement and prevention efforts.

The primary objective of this program is to shift the audit process from a reactive approach focused on "finding" faults to a proactive strategy centered on "prevention." By mastering Root Cause Analysis, the Internal Audit team will specifically target the elimination of recurring findings. This ensures that once a weakness is identified, the resulting recommendations provide a permanent solution, thereby protecting the company's operational efficiency and financial integrity.

Failing to implement structured RCA creates a high-risk environment:

• Financial Erosion: Unresolved root causes within financial processes result in cumulative losses that increase over time.
• Resource Wastage: Auditors spend 40% more time re-auditing the same failed controls rather than focusing on new strategic risks.
• Diminished Authority: Continuously reporting the same issues undermines the Audit Division's influence with senior management and auditees.

This instructor-led, live training session in Slovakia (online or on-site) targets intermediate-level internal auditors seeking to improve their audit efficacy through the use of structured RCA techniques.

By the end of this training, participants will be able to:

• Grasp RCA methodologies and their role in internal auditing.
• Identify and analyze the root causes of audit findings.
• Apply RCA tools such as the 5 Whys, Fishbone Diagram, and Failure Mode and Effects Analysis (FMEA).
• Develop corrective and preventive action plans based on RCA findings.
• Integrate RCA into the internal audit process to improve risk management.

This instructor-led, live training (online or onsite) targets intermediate-level safety professionals and operational managers seeking to strengthen their capacity to investigate incidents, detect systemic vulnerabilities, and formulate effective corrective and preventive measures.