Prerequisites

ISO 27001 Foundation certification or a basic knowledge of ISO 27001 and ISO 27002 is recommended.

Examination

Live Virtual Training – At course completion participants will receive an online exam voucher. The online exam is web-based and hosted by the PECB Exam System which is accessed via a web browser. The exam can be taken at any time after the course. The exam voucher has a 12 month validity period.

Face-to-Face Training – Participants will be provided with a paper-based exam which is completed whilst at the course in the same venue of the course itself.

Exam Format:

• 80 questions
• Multiple choice
• Open book
• 3 hours (30 additional mins for EASL)
• Pass mark 70%
• If delegates fail their first attempt they can retake it for free within 12 months

The Certified ISO/IEC 27001 Lead Implementer exam is conducted under the auspices of the PECB Examination and Certification Programme (ECP).

• The exam covers the following competence domains:
  • Domain 1: Fundamental principles and concepts of information security
  • Domain 2: Information security control best practice based on ISO 27002
  • Domain 3: Planning an ISMS based on ISO 27001
  • Domain 4: Implementing an ISMS based on ISO 27001
  • Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
  • Domain 6: Continual improvement of an ISMS based on ISO 27001
  • Domain 7: Preparing for an ISMS certification audit
• A certificate will be issued to participants who successfully pass the exam via PECB 

Examination Re-Sit Options:

• If you are unsuccessful on your first attempt at the exam, you are eligible for one FREE re-take of the exam within 12 months from the initial date.
• Exam re-sit fees apply for 3rd attempts at the exam or additional attempts post the initial 12 month period.

Certification Levels

There are three levels of accreditation that you can apply for after passing the exam, depending on professional experience:

• ISO/IEC 27001 Provisional Implementer – exam passed, no direct professional experience, no ISMS project experience
• ISO/IEC 27001 Implementer – exam passed, two years professional experience with at least one year in information security, project experience of at least 200 hours
• ISO/IEC 27001 Lead Implementer – exam passed, five years professional experience with at least two years in information security, project experience of at least 300 hours

Candidates can apply for the appropriate level of accreditation once exam results have been received.