PECB ISO/IEC 27005 Foundation Training Course

The ISO 22301 Introduction training course is designed to help you grasp the fundamental concepts of a Business Continuity Management System (BCMS).

Through participation in the ISO 22301 Introduction course, you will gain insight into the significance of a Business Continuity Management System and the advantages it offers to businesses, society, and government entities.

Who should attend?

• Individuals with an interest in Business Continuity Management
• Individuals wishing to acquire knowledge regarding the primary processes of a Business Continuity Management System (BCMS)

Learning objectives

• Comprehend the concepts, approaches, methods, and techniques employed to implement a Business Continuity Management System
• Understand the core components of a Business Continuity Management System 

Upon completing this training course, you will be eligible to take the examination. If you pass successfully, you may apply for the 'Certified ISO 22301 Lead Implementer' certification. This internationally recognised certificate demonstrates your professional competence and practical expertise in implementing a Business Continuity Management System (BCMS) in accordance with ISO 22301 requirements.

Target Audience

• Project managers and consultants working on business continuity initiatives
• Expert advisors aiming to master the implementation of a business continuity management system
• Professionals responsible for ensuring organisational conformity with BCMS requirements
• Members of the BCMS team

Learning Objectives

• Develop a thorough understanding of the concepts, methodologies, and techniques used to implement and effectively manage a BCMS
• Learn how to interpret and apply ISO 22301 requirements within the specific context of an organisation
• Understand the operation of the business continuity management system and its processes as defined by ISO 22301
• Acquire the necessary knowledge to support an organisation in effectively planning, implementing, managing, monitoring, and continually improving a BCMS

Educational Approach

• This course combines theoretical foundations, implementation best practices, and ISO 22301 requirements relevant to BCMS implementation.
• Lectures are complemented by practical exercises based on a case study, including role-playing and group discussions.
• Participants are encouraged to interact actively and engage in discussions and exercises.
• The exercises mirror the format of the certification exam.

General Information

• Certification fees are included in the exam price. After completing the course, you can book your exam.
• Participants will receive training materials comprising over 450 pages of explanatory content and practical examples.
• An Attendance Record awarding 31 CPD (Continuing Professional Development) credits will be issued to participants who attend the training course.
• Candidates who do not pass the exam may retake it free of charge within 12 months of the initial attempt.

ISO/IEC 27001 Lead Auditor

The ISO/IEC 27001 Lead Auditor training equips you with the essential expertise to conduct Information Security Management System (ISMS) audits by applying internationally recognized audit principles, procedures, and techniques.

Why should you attend?

Through this training course, you will gain the knowledge and skills required to plan and execute both internal and external audits in compliance with ISO 19011 and the ISO/IEC 17021-1 certification process.

Through practical exercises, you will master audit techniques and develop the competence to manage an audit program, lead an audit team, communicate effectively with clients, and resolve conflicts.

Once you have acquired the necessary expertise to perform this audit, you can take the exam and apply for the “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you demonstrate that you possess the capabilities and competencies to audit organizations according to best practices.

Who should attend?

• Auditors looking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants aiming to master the Information Security Management System audit process
• Professionals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts preparing for an Information Security Management System audit
• Expert advisors in Information Security Management

Learning objectives

• Understand the operations of an Information Security Management System based on ISO/IEC 27001
• Recognize the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the auditor’s role to plan, lead, and follow up on a management system audit in accordance with ISO 19011
• Learn how to lead an audit and an audit team
• Learn how to interpret the requirements of ISO/IEC 27001 within the context of an ISMS audit
• Acquire the competencies of an auditor to plan an audit, lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011

Educational approach

• This training combines theoretical knowledge with best practices used in ISMS audits
• Lecture sessions are supported by examples based on case studies
• Practical exercises are based on a case study involving role-playing and discussions
• Practice tests mirror the format of the Certification Exam

The ISO/IEC 27002 Lead Manager training equips you with the essential expertise and knowledge to help an organization implement and manage Information Security controls as outlined in ISO/IEC 27002.

Upon completion of this course, you are eligible to sit for the exam and apply for the "PECB Certified ISO/IEC 27002 Lead Manager" credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques required for implementing and managing Information Security controls in accordance with ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the process of implementing an Information Security Management System
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques necessary for the effective implementation and management of Information Security controls
• Comprehend the interrelationships between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the significance of information security to the organization's overall strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training combines both theoretical knowledge and practical application
• Lecture sessions supplemented with examples from real-world cases
• Practical exercises based on case studies
• Review exercises designed to assist with exam preparation
• Practice tests that mirror the format of the certification exam

General Information

• Certification fees are included in the exam price
• Training material, comprising over 500 pages of information and practical examples, will be distributed to participants
• Participants will receive a certificate of participation awarding 31 CPD (Continuing Professional Development) credits
• In the event of an exam failure, you may retake the exam free of charge within 12 months

The ISO/IEC 27005 Lead Risk Manager training provides you with the essential expertise to assist organizations in managing risks associated with all assets relevant to Information Security, using the ISO/IEC 27005 standard as a reference framework. Throughout this course, you will gain comprehensive knowledge of the process model for designing and developing an Information Security Risk Management program. The training also covers a thorough understanding of best practices for risk assessment methods such as OCTAVE, EBIOS, MEHARI, and harmonized TRA. This course supports the implementation of the ISMS framework outlined in the ISO/IEC 27001 standard.

After mastering all necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can take the exam and apply for the “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. Holding a PECB Lead Risk Manager Certificate demonstrates that you possess the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001, or those involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information security risk assessment
• Domain 4 Information security risk treatment
• Domain 5 Information security risk communication, monitoring and improvement
• Domain 6 Information security risk assessment methodologies

General Information

• Certification fees are included in the exam price
• Training material containing over 350 pages of information and practical examples will be distributed
• A participation certificate awarding 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

The ISO 28000 Lead Implementer training program empowers you to acquire the essential expertise required to assist an organization in establishing, implementing, managing, and maintaining a Supply Chain Security Management System (SCSMS) in accordance with ISO 28000. Through this course, you will gain a deep understanding of best practices for Supply Chain Security Management Systems and learn to enhance the efficiency of managing potential security risks and their effects within an organization's supply chain.

Upon mastering the necessary concepts of Supply Chain Security Management Systems, you may sit for the exam and apply for the PECB Certified ISO 28000 Lead Implementer credential. Holding a PECB Lead Implementer Certificate demonstrates that you possess the practical knowledge and professional capabilities to successfully implement ISO 28000 within an organization.

Who should attend?

• Managers or consultants involved in Supply Chain Security Management
• Expert advisors seeking to master the implementation of a Supply Chain Security Management System
• Individuals responsible for maintaining conformance with SCSMS requirements
• SCSMS team members

Learning objectives

• Acknowledge the correlation between ISO 28000 and other standards and regulatory frameworks
• Master the concepts, approaches, methods and techniques used for the implementation and effective management of a SCSMS
• Learn how to interpret the ISO 28000 requirements in the specific context of an organization
• Learn how to support an organization to effectively plan, implement, manage, monitor and maintain a SCSMS
• Acquire the expertise to advise an organization in implementing Supply Chain Security Management System best practices

Educational approach

• This training is based on both theory and best practices used in the implementation of a SCSMS
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

General Information

• Certification fees are included on the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO 37001:2025 serves as an international standard for Anti-Bribery Management Systems (ABMS), offering both requirements and guidance to help organizations of any size or sector prevent, detect, and address bribery risks.

This instructor-led, live training session, available both online and onsite, is designed for professionals at beginner to intermediate levels who want to comprehend and assist in implementing or auditing an anti-bribery management system aligned with ISO 37001:2025.

Upon completing this training, participants will be capable of:

• Comprehending the framework and objectives of ISO 37001:2025.
• Applying anti-bribery requirements within practical organizational settings.
• Establishing and overseeing effective internal controls and reporting mechanisms.
• Assisting organizations in achieving regulatory compliance and upholding ethical integrity.

Course Format

• Engaging lectures and discussions.
• Real-world case studies and examples.
• Scenario-based exercises and collaborative group work.

Customization Options

• To arrange a customized training session for this course, please get in touch with us.

ISO 37301 is an international standard outlining the requirements for establishing, developing, implementing, evaluating, maintaining, and improving an effective compliance management system (CMS).

This instructor-led live training, available either online or onsite, is designed for beginner to intermediate-level professionals who wish to understand, implement, or audit a compliance management system based on ISO 37301.

By the end of this training, participants will be able to:

• Grasp the structure, purpose, and scope of ISO 37301.
• Implement the core elements of a compliance management system (CMS).
• Identify compliance risks and opportunities throughout the organization.
• Integrate ISO 37301 CMS with existing governance, risk, or ISO systems.

Format of the Course

• Interactive lectures and discussions.
• Hands-on exercises and real-world case studies.
• Group activities and compliance scenario simulations.

Course Customization Options

• For a customized training version of this course, please contact us to arrange details.

The ISO/IEC 42001 Foundation training course provides you with the essential principles required to establish and manage an artificial intelligence management system (AIMS) in compliance with ISO/IEC 42001. Designed to build a strong foundation for deeper expertise in AIMS, the course ensures you gain a solid understanding of the key concepts.

ISO 9001 and ISO 27001 stand as globally acknowledged benchmarks for quality management and information security management systems, respectively.

This instructor-led live training, available either online or onsite, is designed for intermediate-level professionals looking to master the interpretation of ISO 9001 and ISO 27001 standards and execute internal audits with confidence.

Upon completing this training, participants will be equipped to:

• Comprehend the core principles and mandatory requirements of both ISO 9001 and ISO 27001.
• Apply the interpretation of clauses and controls to real-world business contexts.
• Plan and carry out internal audits that align with ISO standards.
• Detect nonconformities and propose appropriate corrective measures.

Course Format

• Engaging lectures combined with group discussions.
• Simulated auditing exercises and in-depth case studies.
• Practical analysis of various quality and security scenarios.

Customization Options

• To arrange a tailored training session for this course, please reach out to us.

This instructor-led, live training in Norway (online or onsite) is designed for intermediate-level professionals who wish to develop a systematic approach to identifying, analyzing, and resolving problems using RCA methodologies.

Upon completion of this training, participants will be able to:

• Grasp essential RCA concepts and continuous improvement cycles.
• Utilize various RCA tools to pinpoint the root causes of problems.
• Formulate and execute effective problem-solving strategies.
• Incorporate RCA into organizational initiatives for improvement and prevention.

The primary objective of this programme is to shift the audit function from a reactive approach focused on 'identifying issues' to a proactive strategy centred on 'preventing problems'. By mastering Root Cause Analysis, the Internal Audit team will specifically focus on eliminating recurring findings. This ensures that once a weakness is identified, the recommendations offer a permanent solution, thereby protecting the organisation's operational efficiency and financial integrity.

Failing to implement structured RCA creates a high-risk environment:

• Financial Erosion: Unaddressed root causes in financial processes result in cumulative losses that increase over time.
• Resource Wastage: Auditors spend 40% more time re-auditing the same failed controls rather than concentrating on new strategic risks.
• Diminished Authority: Continuously reporting the same issues undermines the Audit Division's influence with senior management and auditees.

This instructor-led, live training in Norway (online or in-person) is designed for intermediate-level internal auditors seeking to enhance their audit effectiveness by applying structured RCA techniques.

Upon completing this training, participants will be capable of:

• Comprehending RCA methodologies and their significance within internal auditing.
• Identifying and analyzing the root causes associated with audit findings.
• Utilizing RCA tools including the 5 Whys, Fishbone Diagram, and Failure Mode and Effects Analysis (FMEA).
• Creating corrective and preventive action plans grounded in RCA insights.
• Incorporating RCA into the internal audit workflow to strengthen risk management.

This instructor-led, live training (online or onsite) is aimed at intermediate-level safety professionals and operational managers who wish to enhance their ability to investigate incidents, identify systemic weaknesses, and design effective corrective and preventive actions.