Confirm

Information Security Management Expert based on ISO/IEC 27002

Summary

Information security is becoming increasingly important. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet. Furthermore, activities of many companies now rely on IT, and information has become a valuable asset. Protection of information is crucial for the continuity and proper functioning of the organization: information must be reliable.

The module Information Security Management Expert based on ISO/IEC 27002 (ISMES.EN) tests specialized knowledge, understanding and skills in structuring, maintaining and optimizing the security of information within an organization.

The international standard, the Code of Practice for Information Security ISO/IEC 27002:2005 structures the organization of information security. For that reason, it is an important point of departure for this module.

 

Target group

IT professionals responsible for the partial or overall set up and development of structural information security, like the Chief Information Security Officer, CISO, the Information Security Manager, ISM, or the Business Information Security Architect, BISA.

 

Context

The ISMES module is the continuation of Information Security Foundation based on ISO/IEC 27002 (ISFS.EN) and Information Security Management Advanced based on ISO/IEC 27002 (ISMAS.EN).

 

Prior knowledge

  • The ISFS and ISMAS modules have to be successfully completed, or the participant has to show that he/she is at the same level (as determined by EXIN). 
  • The participant has to have at least 2 years of tangible practical experience at the management level in at least two of the main topic areas (examination requirements) of this module.

 

Exam Requirements

  1. Organization of information security (establishing Information Security Management System, ISMS) 20% 
  2. Information security policy 10% 
  3. Risk analysis 10% 
  4. Organizational change and –development pertaining to Information Security 40% 
  5. Standards and norms 10% 
  6. Audits and certification 10%

 

Exam Details

Time allotted for examination: Oral exam: 90 minutes
Number of questions: Not relevant
Pass mark: 55%
Open book: No
Electronic equipment permitted: For presentation

 

Book exam
Return to exam overview

This exam is available in these languages:

  • Dutch
  • English

Download

Training Provider search »
Print print Follow us print print Share via
Open sitemap

EXIN International

Radboudkwartier 223
Radboudhof, floor 5 (Hoog Catharijne)
3511 CJ Utrecht
The Netherlands

 

Contact »