Information Security · Foundation · EN

ISO/IEC 27005 Foundation

Grasp the fundamentals of information security risk management in line with ISO/IEC 27005. The ideal starting point to understand how risk is analysed and treated before going deeper at Risk Manager level.

2 days of training
Foundation level
Language: EN
Official PECB exam incl.

Who is this course for?

  • Professionals starting out in security risk management
  • Members of security and compliance teams
  • Those who need to understand the vocabulary and process of ISO 27005
  • Professionals preparing for the Risk Manager level

What you'll gain

  • The PECB Certified ISO/IEC 27005 Foundation credential
  • An understanding of the security risk management process
  • The basis to approach risk assessment in ISO 27001, NIS2 and DORA
  • The starting point to move up to the Risk Manager level

Course programme

Fundamentals of security risk
  • Risk concepts; ISO/IEC 27005 and ISO 31000
  • Risk management framework and process
  • Relationship with the ISO 27001 ISMS
Process and exam
  • Risk identification, analysis and evaluation (overview)
  • Risk treatment and acceptance
  • Review and official Foundation exam

Exam, credits & certification

  • 1 h: Duration of the official PECB exam
  • 14 CPD: Continuing Professional Development credits granted by the course
  • Included: Exam, marking and first issue of the certification, included in the price

Once you pass the exam, you can apply for the "PECB Certified ISO/IEC 27005 Foundation" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing first time is no longer a source of pressure. CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.

Your trainer

Ricardo Coronel Lemus

Practising GRC / vCISO consultant · PECB Certified Trainer (CT6496)

More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. This is a standard I teach as a PECB Certified Trainer, and I don't approach it theoretically: I apply it day to day with real clients — that's what I bring to my coaching and exam preparation.

ISO 27001 Lead Auditor / Lead Implementer · CISSP · CISM · CRISC · CCISO · DORA Lead Manager · PCI DSS - PCIP

Frequently asked questions

Do I need any prerequisites?
There are no formal prerequisites. Some prior background in the field helps, but it is not required.
What language is the exam in?
The official PECB exam for this course is available in English. Coaching is delivered in English to prepare you as well as possible.
What is the difference between Self-Study and Self-Study + Coaching?
Self-Study gives you the official material, the exam and the certification to progress at your own pace. The coaching option adds one-to-one sessions with me, real-world case studies and guided exam preparation: I support you until you feel ready to get certified.
What if I don't pass the exam?
The PECB exam includes 2 attempts: the first plus a free retake usable within the following 12 months. So a failure doesn't leave you stranded. What's more, with the coaching option we prepare for the exam together with mock exams so that you arrive with confidence.
Is Foundation or Risk Manager right for me?
Foundation gives you the conceptual basis in 2 days; Risk Manager (3 days) goes deeper and lets you carry out complete risk assessments. If you already have experience, you can go straight to the Risk Manager.

Ready to get certified in ISO/IEC 27005 Foundation?

Choose your option above and enrol online. A question or need some advice? Write to me or book a call.