Information Security Management System – Foundation Certification

This foundation level certification validates foundational to advanced competence in Information Security Management System. Professionals certified at this level demonstrate comprehensive understanding and practical application of Information Security Management System requirements and principles within their organizations.

This scheme certifies foundational knowledge and understanding of ISO/IEC 27001:2022 ISMS requirements, information security concepts (CIA triad), the structure of an Information Security Management System, the updated Annex A controls (2022 revision), and the PDCA cycle applied to information security management. This is a knowledge-based certification only.

Who Is This For?

Purpose & Objectives

This certification program is designed to validate your competence and knowledge of Information Security Management System requirements. Upon completion, you will be able to:

• ✓Understand and apply Information Security Management System principles within your organization
• ✓Explain the key clauses and requirements of ISO/IEC 27001:2022
• ✓Describe the Plan-Do-Check-Act (PDCA) cycle as applied to information security management system
• ✓Identify the roles and responsibilities within a ISMS
• ✓Support organizational compliance with ISO/IEC 27001:2022 requirements

Eligibility Requirements

Competency Framework

Candidates for the Foundation certification in Information Security Management System must demonstrate competence in:

• ▶Knowledge of ISO/IEC 27001:2022 standard structure and requirements
• ▶Understanding of ISMS terminology and key concepts
• ▶Awareness of the PDCA cycle applied to ISMS
• ▶Understanding of management system principles
• ▶Knowledge of documentation and record-keeping requirements

Assessment & Examination

• ✓Multiple-choice examination format
• ✓Minimum passing score: 70%
• ✓Online proctored examination available
• ✓Results provided within 48 hours

Certificate Validity & CPD

• ✓Certificate validity period: 3 years from date of issue
• ✓Continuing Professional Development (CPD) required for renewal
• ✓Minimum 15 CPD hours per year in relevant domain
• ✓Recertification examination or portfolio assessment at renewal
• ✓Digital certificate and verification via QA Assessor registry

Code of Conduct

All certified professionals must adhere to the QA Assessor Code of Conduct:

• ▶Acting with integrity, objectivity, and professional competence
• ▶Maintaining confidentiality of all information obtained during professional activities
• ▶Reporting any conflicts of interest or ethical concerns
• ▶Committing to continuous professional development
• ▶Upholding the reputation of the certification and the profession