top of page


ISO/IEC 27002 | Information Security Controls


Untitled design (87).png


Untitled design (87).png


Untitled design (87).png

Why Should You Attend this ISO/IEC 27002 Foundation training?

ISO/IEC 27002 Foundation training course provides information on the fundamental concepts of information security, cybersecurity and privacy based on ISO/IEC 27002.

ISO/IEC 27002 Foundation training course enables participants to learn the basic concepts related to the implementation and management of information security controls based on the guidelines of ISO/IEC 27002.

Through this training course, participants will be able to identify the information security controls of ISO/IEC 27002 that are categorized into four themes: organizational, people, physical, and technological. The training course also provides information on how ISO/IEC 27002 is related with other standards, such as ISO/IEC 27001 and ISO/IEC 27003.

The training course is followed by an exam. If you pass, you can apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. This certificate demonstrates that you have a general knowledge of ISO/IEC 27002 information security controls. 

Who Should Attend ISO/IEC 27002 Foundation training?

This training course is intended for:

  • Managers and consultants seeking to know more about information security controls of ISO/IEC 27002

  • Professionals engaged in or responsible for information security management 

  • Individuals seeking to gain knowledge about the main processes of an information security management system and information security controls

  • Individuals interested to pursue a career in information security 

Learning Objectives

By successfully completing this training course, you will be able to:

  • Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002

  • Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks

  • Interpret the ISO/IEC 27002 organizational, people, physical, and technological controls in the specific context of an organization

Educational Approach

  • This training course contains lecture sessions that are illustrated with practical questions and examples.

  • The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.

  • The structure of quizzes is similar to that of the certificate exam.


There are no prerequisites to participate in this training course. 

Course Agenda


Day 1: Introduction to ISO/IEC 27002 and organizational controls 

Day 2: People, physical, and technological controls and certificate exam


The exam fully meets the requirements of the PECB Examination and Certificate Programme.

It covers the following competency domains:

Domain 1: Fundamental principles and concepts of information security, cybersecurity, and privacy 

Domain 2: Information security controls based on ISO/IEC 27002

Course Study Options

Self Study

In Person

Live Online

In Person Training Locations

  • Doha, Qatar

  • Lusail, Qatar

  • Riyadh, Saudi Arabia

  • NEOM, Saudi Arabia

  • Dubai, UAE

  • Abu Dhabi, UAE

  • Manama, Bahrain

  • Kuwait City, Kuwait

  • Ras Al Khaimah, UAE

  • Jeddah, Saudi Arabia

  • Casablanca, Morocco

  • Muscat, Oman

 To find out more about this course, to chat with us about it
or to book please click here to contact us and we'll get back to you right away. 

bottom of page