The first edition of this book and its accompanying eLearning course is regarded as a classic in its field. Now, in an expanded and updated version of The Art of Service's book, the authors once again present a step-by-step guide to getting your ISO/IEC 27002 Foundation Certificate.
Information security is more important than ever before. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet.
Furthermore, activities of many companies now rely on IT, and information has become a valuable asset.
Protection of information is crucial for the continuity and proper functioning of the organization: information must be reliable. The international standard, the Code of Practice for Information Security ISO/IEC 27002:2005, structures the organization of information security and tests organizational and managerial aspects of information security.
The target audience is people who are professionally involved with the implementation and evaluation of information security and this program is also suitable for small independent businesses for whom some basic knowledge of information security is necessary.
In addition, this foundation level provides a good starting point for new information security professionals.
This certification kit contains both the study guide and access to our online program, including presentations, exam preparation modules, the sample exam and forum to interact, that together provide everything you need to prepare for the ISO/IEC 27002 Foundation certification exam.
ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:
- security policy;
- organization of information security;
- asset management;
- human resources security;
- physical and environmental security;
- communications and operations management;
- access control;
- information systems acquisition, development and maintenance;
- information security incident management;
- business continuity management;
The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 27002:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices and to help build confidence in inter-organizational activities.
Where can I find Support?
When you need additional support, or guidance during your training program you have several options:
eLearning Discussion Forums
As a student you have access to our exclusive discussion forum via the eLearning platform www.theartofservice.org This is where you talk to your fellow students, share your experience and ask about the specific content of your course. The eLearning instructors also monitor the forums and provide input in the discussion
Livechat is available from 8am EST to 5pm EST, as well as 8am - 5pm Eastern Australian time.
Our livechat agents are available to answer your product and sales related questions.
All our students are allocated an instructor which they can reach via email.