Information Security Foundation (based on ISO/IEC 27002)

Information Security Foundation (based on ISO/IEC 27002)


Companies should protect their valuable information, which starts by informing and educating their employees.


What are the benefits of EXIN Information Security Foundation?

  • Create awareness amongst employees.
  • Provide understanding of the measures that need to be taken.


Target group

Every employee, from administrative worker to CEO, dealing with valuable information.



The certificate Information Security Foundation is followed up by the certificates Information Security Management Advanced and Information Security Management Expert. All three modules within the program are based on the international standard set of ISO/IEC 27000.


e-Competence Framework (e-CF)

The mapping of this certificate against the e-Competence Framework.


 e-CF Area   e-Competence e-1 e-2 e-3 e-4 e-5
RUN C.2. Change Support
C.3. Service Delivery          
ENABLE D.9. Personnel Development          
D.10. Information and Knowledge Management          
Risk Management          
E.8. Information Security Management          

Legend for coverage:

  General - The competence is covered at the level indicated
  Partial - The competence is covered to some extent
  Superficial - Relevant knowledge is covered to some extent
  The competence level is available in the framework
  The competence level is not available in the framework





Exam content

  1. You will get knowledge about the concept, importance and the reliability of information.
  2. You will learn about the types of risks, threats and damages, and the available risk strategies and the security measures you can take.
  3. You will get insight in the security policy and organization, inclusive code of conduct, ownership, and roles and responsibilities. Moreover you learn how to manage security incidents.
  4. You will learn about the various security measures.
    • Physical measures such as identity passes and finger scans.
    • Technical measures such as cryptography, and you will learn how to deal with attacks such as phishing, spam and malware.
    • Organizational measures you can take such as access management and Business Continuity Management.
  5. You will get aware of the most important legislation and regulations.


Exam Details

Number of multiple-choice questions: 40
Pass mark: 65% (26 out of 40)
Open book: no
Electronic equipment allowed: no


Print print Follow us facebook twitter linkedin youtube
Open sitemap

EXIN International

Arthur van Schendelstraat 650


The Netherlands


Contact »