About the certification

Information Security skills are in high demand. The InfoSec Foundation (ISO/IEC 27001) is an entry-level certification intended for IT professionals seeking to validate their knowledge of Information Security. The InfoSec Foundation (ISO/IEC 27001) certification exam is based on ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements standard.

This exam includes topics such as terms and definitions commonly used in the ISMS family of standards, information security policies, organization of information security, human resource security, asset management, access control, cryptography, physical and environmental security, operations security, communications security, system acquisition, development and maintenance, supplier relationships, information security incident management, business continuity management and compliance.

The InfoSec Foundation (ISO/IEC 27001) certification exam is an online, closed-book, and remotely-proctored exam. It includes 40 multiple-choice questions and the passing score is 70%. You will have 60 minutes to complete the exam. Validate your knowledge of Information Security and advance your career. Register for your online exam now!

Exam details

Exam code


Launch date

August 20, 2016

Exam description

The InfoSec Foudation (ISO/IEC 27001) exam tests the candidate knowledge in Information Security.

Current version


Exam format

Multiple choice; computer-based; closed book

Number of questions

40 questions

Passing score

70% (28 out of 40)

Exam duration

60 minutes




English and Portuguese (Brazilian)

Exam description

Terms and definitions commonly used in the ISMS family of standards, Information security policies, Organization of information security (information security roles and responsibilities, segregation of duties, mobile devices and teleworking), Human resource security (prior to employment, during employment and termination and change of employment), Asset management (responsibility for assets, information classification and media handling), Access control (user access management), Cryptography, Physical and environmental security (physical security perimeter, physical controls, securing offices, rooms and facilities, protecting against external and environmental threats, removal of assets, unattended user equipment, clear desk and clear screen policy), Operations security (operational procedures and responsibilities, protection from malware, backup, logging and monitoring and technical vulnerability management), Communications security, Sytem acquisition, development and maintenance, Suppliers relationships, Information security incident management, Business continuity management, and Compliance.


16 hours

Bloom's Taxonomy

Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying)

Recommended reading

IISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements


There are no prerequisites for this certification

Recommended experience

Six months of work experience in Information Security

Validity period



$100 USD

How to get certified


Browse our certification programs and choose your certification.


Discover the exam objectives and prepare for your exam.


Register for your online proctored exam.


Take your online proctored exam in the comfort of your home or office.


Congratulations! You are certified!

Stackable Certifications

Earn 4 certifications and receive an integrator certification (designation).

InfoSec Foundation

Computer Forensics Foundation

Ethical Hacking Essentials

Cybersecurity Foundation

Information Security Specialist

Frequently Asked Questions

  • How much does an Itcerts certification exam cost?

    All exams are available for $100 USD each. Prices may vary slightly by region and currency exchange rates.

  • Are there any prerequisites to take the exams?

    There are no prerequisites to take the exams. Itcerts recommends that candidates have at least six months of work experience in the area that the certification covers.

  • What is the exam retake policy?

    If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).

  • How do I register for an Online Proctored Exam?

    Visit the Online Proctored Exam registration page to find complete instructions.

  • Are there any mandatory training to take an exam?

    Training is recommended as part of your certification preparation, but it is not mandatory.

  • Which languages are the exams available in?

    Our exams are currently available in English and Portuguese (Brazilian).

  • Where can I take the exams?

    Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.

  • Do the Itcerts certifications expire?

    Itcerts certifications are considered good-for-life and do not expire.

  • How can a potential employer verify my certifications?

    Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.



Subscribe to own newsletter