Information Security Management Advanced based on ISO/IEC 27002:2013

Information Security Management Advanced based on ISO/IEC 27002:2013


Information security is becoming increasingly important. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet.

The module Information Security Management Advanced based on ISO/IEC 27002:2013 (ISMAS.EN) tests organizational and managerial aspects of information security.


Target group

Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities.



The Certificate Information Security Management Advanced is part of the qualification program Information Security. The module is followed up by the Certificate Information Security Management Expert.


e-Competence Framework (e-CF)

The mapping of this certificate against the e-Competence Framework.


 e-CF Area   e-Competence e-1 e-2 e-3 e-4 e-5
PLAN A.7. Technology Trend Monitoring          
RUN C.2. Change Support          
C.3. Service Delivery          
ENABLE D.1. Information Security Strategy Development
D.9. Personnel Development          
D.10. Information and Knowledge Management          
MANAGE E.3. Risk Management          
E.4. Relationship Management          
E.5. Process Improvement          
E.8. Information Security Management          
E.9. IS Governance          

Legend for coverage:

  General - The competence is covered at the level indicated
  Partial - The competence is covered to some extent
  Superficial - Relevant knowledge is covered to some extent
  The competence level is available in the framework
  The competence level is not available in the framework



The Information Security Foundation Certificate or an equivalent.


Requirements for the certificate

  • The Information Security Management Advanced training course with an EXIN accredited training provider (ATP), including having successfully fulfilled the two (2) practical assignments as part of the course.
  • Successful completion of the exam Information Security Management Advanced.


Exam content

  1. Information security perspectives: (10%)
  2. Risk Management (30%)
  3. Information security controls: (60%) 


Exam Details

Number of questions: 30
Pass mark: 65% (20 of 30) 
Open book/notes: no 
Electronic equipment permitted: no


Print print Follow us facebook twitter linkedin youtube
Open sitemap

EXIN International

Arthur van Schendelstraat 650


The Netherlands


Contact »