25.8.0
This website uses cookies to ensure you get the best experience on our website. Learn more

Information Security Risk Management (ISO/IEC 27005) Foundation

Débora Inácio Pereira

Earners of the Information Security Risk Management Foundation (ISO/IEC 27005:2022) certification have demonstrated foundational knowledge of the ISO/IEC 27005:2022 standard. This certification confirms that the professional has foundational knowledge of Information Security Risk Management in accordance with the ISO/IEC 27005:2022 standard. The exam covers topics such as Scope of the ISO/IEC 27005:2022, Normative references, Terms and definitions, ​Information security risk management, Context establishment, Information security risk assessment process, Information security risk treatment process, Operation, and Leveraging related ISMS processes. the information security risk management process, information security risk assessment (risk identification (identification of assets, threats, existing controls, vulnerabilities and consequences), risk analysis, risk evaluation, information security risk treatment (risk modification, risk retention, risk avoidance and risk sharing), information security risk acceptance, information risk communication and consultation and information security risk monitoring and review. Earning criteria: To earn the Information Security Risk Management Foundation (ISO/IEC 27005:2022) certification candidates must successfully pass the ITC-090: Information Security Risk Management Foundation (ISO/IEC 27005:2022) exam - Foundational level. A score of 70% or higher is required to pass the exam. The ITC-090: Information Security Risk Management Foundation (ISO/IEC 27005:2022) exam is a closed-book and remotely proctored exam. ITCERTS recommends that candidates have at least 6 months of work experience in Information Security Risk Management before sitting for the exam. This certification is considered good-for-life and does not expire.

Skills / Knowledge

  • Information Security Risk Management
  • Risk Assessment
  • Risk Treatment
  • Risk Communication
  • Risk Monitoring

Issued on

September 10, 2023

Expires on

Does not expire

Earning Criteria

Required

exam
Pass the ITC-090: Information Security Risk Management Foundation (ISO/IEC 27005:2022)