GAICC AI Conference & Awards 2026 "Governing the Future – Building Responsible, Safe and Human-centric AI"

Buy tickets Now →

Log in / Sign up

Enroll Now

GAICC ISO/IEC 27001 Foundation Certification

Learn the fundamentals of information security governance and ISO/IEC 27001:2022 — the first step in understanding, building and auditing Information Security Management Systems (ISMS).
Last Updated: June, 2026
2 Days
English
Certification Trusted by Professionals at:

AI Certification Council

4.8 / 5.0 Rating
27,789+

Students

Our training programs are CPD Accredited by CPDSO

GAICC ISO/IEC 27001 Foundation Course

  • Format: 40 single-answer multiple-choice questions (online proctored)
  • Duration: 60 minutes
  • Passing score: 70%
  • Eligibility: Foundation training on ISO/IEC 27001 with GAICC or an authorised partner
  • Certification: GAICC ISO/IEC 27001 Foundation
  • Validity: 3 years (renewable with CPD credits)
  • Digital Certificate & Badge: Secure, verifiable, and shareable

Exam Content Outline (ECO)

Download the ISO/IEC 27001 Foundation Exam Content Outline: Full detail on domains, weightings, tasks, enablers and the exam structure used for item writing and standard-setting.
Download
Candidate Handbook

Career Opportunities

Completing the ISO/IEC 27001 Foundation course equips you with the knowledge to step into information security, governance, risk and compliance roles.

Potential Roles After Certification:

  • Information Security Associate – Support security teams in aligning projects and operations with the ISMS and ISO/IEC 27001 requirements.
  • GRC Analyst – Contribute to risk registers, the Statement of Applicability, and compliance tracking across the organisation.
  • Junior IT / Security Auditor – Assist in preparing documentation and evidence for Stage 1 and Stage 2 ISO/IEC 27001 audits.
  • Risk & Compliance Assistant – Help maintain controls, awareness programmes and documented information across the ISMS.
  • IT & Business Professional – Build security awareness to support secure operations, supplier management and incident response.
  • Pathway to Advanced Roles – A foundation for the ISO/IEC 27001 Lead Implementer and Lead Auditor certifications.
Enroll Now

GAICC ISO/IEC 27001 Foundation Course

Issued By Global AI Certification Council

Prepare for your GAICC ISO/IEC 27001 Foundation certification with this course

GAICC ISO/IEC 27001 Foundation Course

The GAICC ISO/IEC 27001 Foundation Course introduces participants to the fundamentals of information security management and the ISO/IEC 27001:2022 standard. You will learn what an ISMS is, why organisations adopt it, how the standard is structured across Clauses 4 to 10, and how Annex A controls and the certification lifecycle work.

This certification confirms awareness-level competence: understanding the purpose, structure and core concepts of ISO/IEC 27001. It suits newcomers to information security governance and is a stepping stone to the Lead Implementer and Lead Auditor pathways. It does not assess the ability to implement or audit an ISMS.

  • Key Skills You’ll Gain
  • Core Security Concepts & Terminology –Confidentiality, integrity, availability (CIA), authenticity, non-repudiation, assets, threats, vulnerabilities, risk and controls.
  • Understanding the ISMS & the standard – What an ISMS is, why organisations adopt it, the ISO/IEC 27000 family, and the Plan-Do-Check-Act model.
  • Navigating Clauses 4 to 10 – Context, leadership, planning and risk, support, operation, performance evaluation and improvement.
  • Annex A controls & certification awareness – The four control themes, the Statement of Applicability, and the Stage 1 / Stage 2 certification lifecycle.
Enroll Now

This Course includes:

  • 200+ Pages of Study Material
  • CPD/PDU hours on Completion
  • Certificate of Completion - Required for Exam Eligibility
  • 2-day Self-paced Duration
  • Exam Simulator Access
  • Exam Voucher Included

Who Is This Certification For?

  • Newcomers to information security governance and compliance.
  • IT and business professionals wanting the basics of ISO/IEC 27001 and an ISMS.
  • Junior compliance, risk and security officers.
  • Data, IT and engineering staff seeking security governance knowledge.
  • Anyone preparing for the ISO/IEC 27001 Lead Implementer or Lead Auditor pathways.
  • Professionals already holding ISO/IEC 42001 credentials broadening into 27001.

Practical Outcomes You’ll Achieve

By the end of this course, participants will be able to:

  • Explain core security concepts — CIA, authenticity, non-repudiation, assets, threats, vulnerabilities, risk and controls.
  • Outline the purpose and structure of ISO/IEC 27001 and the wider ISO/IEC 27000 family.
  • Describe Clauses 4 to 10 — context, leadership, planning and risk, support, operation, evaluation and improvement.
  • Explain the Statement of Applicability and how control selection links to risk treatment.
  • Describe what an ISMS is and why organisations adopt it, including drivers, benefits and interested parties.
  • Explain the PDCA model and the relationship between certification and accreditation at awareness level.
  • Identify the four Annex A themes and recognise common controls and their purpose.
  • Outline the certification lifecycle — Stage 1 and Stage 2 audits, surveillance and recertification.
  • Note: This course fulfills exam eligibility requirements.
Enroll Now

Course Modules

Explore the domains you will master

Two days of self-paced learning mapped directly to the three exam domains and the tasks within each.
Domains I & II

DOM I

  • Information Security & ISMS Fundamentals Core concepts (CIA, authenticity, non-repudiation, assets, threats, vulnerabilities, risk, controls); what an ISMS is and why organisations adopt it; interested parties and benefits.
  • The Standard & the ISO/IEC 27000 Family Purpose, scope and structure of ISO/IEC 27001 (Clauses 1–3 vs 4–10, Annex SL, Annex A); the 27000 vocabulary, 27002 controls guidance, 27003 and 27005; links to ISO 9001 and ISO/IEC 42001; the PDCA model and certification vs accreditation.

DOM II

  • Context, Leadership & Planning (Clauses 4–6) Internal/external issues including climate-change relevance, interested parties and ISMS scope; top-management commitment, policy, roles and authorities; risk assessment and treatment, Statement of Applicability, objectives and planning of changes.
  • Support, Operation, Evaluation & Improvement (Clauses 7–10) Resources, competence, awareness, communication and documented information; operational planning and control; monitoring, internal audit and management review; continual improvement, nonconformity and corrective action.

DOM III

  • Annex A Control Themes The four control themes — Organizational (A.5), People (A.6), Physical (A.7) and Technological (A.8) — and the 93 controls in total.
  • Common Controls in Practice Access control, classification, supplier and cloud security, incident management, backup and cryptography, and the purpose each control serves.
  • Statement of Applicability Selection of controls, justification of inclusion and exclusion, and the link to risk treatment.
  • Certification Lifecycle & Exam Readiness Stage 1 and Stage 2 audits, surveillance and recertification, roles in an ISMS, plus exam-format walkthrough and practice questions.

Exam Blueprint

Three domains, weighted 40 / 40 / 20

The Foundation exam is built around three knowledge domains, consistent with the GAICC ISO/IEC 42001 Foundation and comparable Foundation certifications. Forty scored items are distributed by weight.
I · Information Security & ISMS Fundamentals 40% · 16 items
II · ISMS Requirements (Clauses 4 to 10) 40% · 16 items
III · Annex A Controls & Certification Awareness 20% · 8 items

Exam Structure at a Glance

40 scored items
Single-answer MCQ (A–D)
60 minutes
Online proctored or test-centre
Closed book
Pass mark 70%
Remember / Understand / Apply
ISO/IEC 27001:2022
4.8 / 5.0 Rating

Trusted by Professionals Across IT, AI & Other Industries

Aisha Al Mansoori

⭐⭐⭐⭐⭐

Clear, well-structured and practical. The trainer explained every concept with real-world examples that made the ISMS easy to grasp.

Daniel Thompson

⭐⭐⭐⭐⭐

I really enjoyed the ISO 27001 Foundation course. It helped me understand ISO/IEC 27001 in a simple and practical way. The sessions were interactive and engaging.

Priya Ramanathan

⭐⭐⭐⭐⭐

The Course covered all the key areas of information security governance. Complex clauses were broken down in a way that finally made sense.

Michael O'Connor

⭐⭐⭐⭐⭐

The course provided a strong foundation in ISO/IEC 27001 and ISMS fundamentals. The coverage of Clauses 4–10 and risk treatment was clear, practical, and easy to apply.

Grace Nyambura

⭐⭐⭐⭐⭐

As someone new to information security, I found the course easy to follow. The coverage of Annex A controls and certification requirements provided a strong foundation in ISO/IEC 27001.

Carlos Mendoza

⭐⭐⭐⭐⭐

The course provided a clear understanding of ISMS, compliance, and risk management, with excellent exam preparation materials.

Included: High-Value Resources to Accelerate Your Learning

  • ISO/IEC 27001, 27000 & 27002 standards summary ($297 Value)
  • ISO/IEC 27001 case study workbook ($297 Value)
  • Annex A controls quick-reference guide ($197 Value)
  • ISMS templates & checklists (incl. SoA) ($197 Value)

Everything Included: Course + CPD/PDU Credit + Exam

GAICC ISO/IEC 27001 Foundation

(Level 1) · 2 days · CPD/PDUs on completion

What's included?
  • 90/180/360-day access
  • All video lessons and tutorials
  • Exam simulator access
  • Certificate of completion
  • 1 exam voucher included
  • Digital certificate + badge provided

Member Price

US$498

Full Price

US$675

Book Your Seat Now

US$99 is included in the above member price.

Have Questions?

Frequently asked questions.

Yes, GAICC’s training programs are CPD Accredited by the CPD Standard Office (CPDSO), United Kingdom. The ISO/IEC 27001 Foundation is being prepared against ISO/IEC 17024:2026 for IAS accreditation (reference AC474, IAF MD25).
The course and exam are built on ISO/IEC 27001:2022, with the ISO/IEC 27000 vocabulary and the ISO/IEC 27002:2022 controls.
No. The Foundation program is open to all professionals, students and early-career learners. No prior experience in information security is required.
The exam is online proctored or test-centre, closed book, and consists of 40 single-answer multiple-choice questions (options A to D) to be completed in 60 minutes.
The provisional pass mark is 70%, to be confirmed by a modified-Angoff standard-setting study. The exam tests predominantly Remember and Understand levels, with some Apply.
No. Foundation confirms awareness-level competence. To implement or audit an ISMS, progress to the ISO/IEC 27001 Lead Implementer or Lead Auditor pathways.
The certification is valid for 3 years. Renewal requires proof of the required CPD credits.
Instructor

Dr Faiz Rasool

Director at the Global AI Certification Council (GAICC) and PM Training School

Linkedin-in

A globally certified instructor in ISO/IEC, PMI®, TOGAF®, SAFe®, and Scrum.org disciplines. With over three years’ hands-on experience in ISO/IEC 42001 AI governance, he delivers training and consulting across New Zealand, Australia, Malaysia, the Philippines, and the UAE, combining high-end credentials with practical, real-world expertise and global reach.

Other GAICC Certification Courses

Best Selling

GAICC ISO/IEC 27001 Lead Implementer

  • Updated: June, 2026
  • 4 Days
⭐ 4.8
29,899+
Best Selling

GAICC ISO/IEC 27001 Lead Auditor

  • Updated: Updated: June, 2026
  • 4 Days
⭐ 4.8
23,357+
Best Selling

GAICC ISO/IEC 42001 Foundation

  • Updated: April, 2026
  • 2 Days
⭐ 4.8
27,789+

Start Your 'GAICC ISO/IEC 27001 Foundation certification' Today

4.8 / 5.0 Rating
  • Become an AI Governance & Compliance Expert
  • Land High Demand AI Governance Roles
  • Average of $18k salary hike

Self-Paced Course (Certification Exam included)

Member Price

US$498

Full Price

US$675

Membership Fee US$99 is included in the above member price.

Enroll Now
Trusted by 24,000+ Professionals

Ready to become a GAICC ISO/IEC 27001 Foundation certified professional?

Self-paced course with the certification exam included. Build the security governance knowledge employers are looking for.

  • Become an information security & compliance professional
  • Land in-demand GRC and security roles
  • A foundation for Lead Implementer & Lead Auditor
Start Your Certification Now