{"id":4766,"date":"2010-11-30T16:58:53","date_gmt":"2010-11-30T16:58:53","guid":{"rendered":"https:\/\/multiacademstg.wpengine.com\/27001academy\/blog\/010\/11\/30\/how-to-learn-about-iso-27001-and-bs-25999-2\/"},"modified":"2025-07-08T14:28:09","modified_gmt":"2025-07-08T14:28:09","slug":"how-to-learn-about-iso-27001-and-bs-25999-2","status":"publish","type":"post","link":"https:\/\/staging.advisera.com\/27001academy\/blog\/2010\/11\/30\/how-to-learn-about-iso-27001-and-bs-25999-2\/","title":{"rendered":"How to learn about ISO 27001 and BS 25999-2"},"content":{"rendered":"<p>Training is certainly one of the best ways to facilitate your <a href=\"\/27001academy\/what-is-iso-27001\/\" target=\"_blank\" rel=\"noopener noreferrer\">ISO 27001<\/a> and <a href=\"https:\/\/staging.advisera.com\/27001academy\/what-is-bs-25999\/\" target=\"_blank\" rel=\"noopener noreferrer\">BS 25999-2<\/a> implementation. As there are more and more types of courses available, I\u2019ll try to explain their benefits and the differences between them.<\/p>\n<p>The first is the list of in-person courses \u2013 these courses are still prevalent, but steadily losing share in favour of online courses (explained at the end of this article).<\/p>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">ISO 27001 or BS 25999-2 Lead Auditor Course<\/h2>\n<p>This is the most popular course for either ISO 27001 or BS 25999-2 \u2013 it lasts 5 days, and finishes with a written exam. The exam is quite difficult, so one could consider that this is the top course for those two standards. If you do pass the exam, you can become an auditor for a certification body, but that is not its main benefit \u2013 it is the most useful for professionals implementing the standards because it gives an excellent overview of the standards and provides in-depth explanations of what the certification auditors will ask for at the certification audit. Therefore, it is useful for both auditors and implementers.<\/p>\n<p>The target audience for this course are professionals with moderate or significant experience in information security, business continuity, auditing or IT. You should choose only accredited courses (e.g. by IRCA).<\/p>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">ISO 27001 or BS 25999-2 Lead Implementer Course<\/h2>\n<p>This course is somewhat similar to, but not so popular as ISO 27001 or BS 25999-2 Lead Auditor Course. The difference is that it focuses on implementation techniques rather than auditing techniques \u2013 therefore, if the certification is not your concern, you may find this course more suitable.<\/p>\n<p>Here the target audience is similar &#8211; professionals with moderate or significant experience in information security, business continuity or IT.<br \/>\n<div id=\"middle-banner\" class=\"banner-shortcode\"><\/div><script>loadMiddleBanner();<\/script><br \/>\n<div id=\"side-banner-trigger\" class=\"banner-shortcode\"><\/div><\/p>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">ISO 27001 or BS 25999-2 Internal Auditor Course<\/h2>\n<p>This course is a \u201clight\u201d version of ISO 27001 or BS 25999-2 Lead Auditor Course \u2013 it usually lasts 2 or 3 days, could be with or without an exam, and the content is a condensed version of Lead Auditor Course. The main difference is that with this course you cannot pursue a career as an auditor in a certification body; however, if you want to get a systematic introduction to the world of ISO 27001 or BS 25999-2 or you plan to be an internal auditor in your company, this course is the right choice for you.<\/p>\n<p>The target audience are professionals with little or moderate experience in information security, business continuity or IT.<\/p>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">ISO 27001 or BS 25999-2 Foundation Course \/ Introduction Course<\/h2>\n<p>These courses usually last for one or two days \u2013 their purpose is not to teach you about auditing or implementation techniques, but to give you an overview of the requirements and implementation issues. If you don\u2019t have a lot of time to spare and you want to know what you company will be experiencing during implementation, do think about one of these courses.<\/p>\n<p>The target audience are members of the management, or professionals with no experience in information security or business continuity.<\/p>\n<div class=\"responsive-video-wrapper\"><iframe loading=\"lazy\" title=\"ISO 27001 Foundations Training - What to expect and how to prepare?\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/rJ5qf6kfDy4?feature=oembed&#038;rel=0\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">Other information security \/ business continuity courses<\/h2>\n<p>You may have heard of Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) \u2013 although I consider these courses very useful for your information security or business continuity career, they are not directly relevant to ISO 27001 or BS 25999-2. Therefore, you should attend CISA, CISM and\/or CISSP after you complete courses directly related to the two standards.<\/p>\n<h2 style=\"padding-top: 10px; padding-bottom: 10px;\">Online courses<\/h2>\n<p>In addition to the above mentioned in-person courses, online courses (either in the form of e-learning or live webinars) are becoming increasingly popular, partly because of the lower costs \u2013 no travelling expenses, no lost time away from office. There are more and more vendors on the Internet, offering more and more quality content (including our 27001Academy) \u2013 you can find courses lasting from 1 hour (e.g. <a href=\"https:\/\/staging.advisera.com\/27001academy\/webinars\/\" target=\"_blank\" rel=\"noopener noreferrer\">free webinars<\/a>) to a few weeks (e.g. e-learning courses).<\/p>\n<p>The main benefit of online courses is that you can receive more relevant knowledge in a shorter period of time and for less money, although the question of real effectiveness of such courses still remains unanswered.<\/p>\n<p>But, regardless of which form or type of course you take, be sure about one thing \u2013 the return on investment will show very quickly.<\/p>\n<p><em>Check out this free online training <\/em><a href=\"https:\/\/staging.advisera.com\/training\/iso-27001-foundations-course\/\" target=\"_blank\" rel=\"noopener noreferrer\">ISO 27001 Foundations Course<\/a><em> that explains every step in ISO 27001 implementation.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Training is certainly one of the best ways to facilitate your ISO 27001 and BS 25999-2 implementation. As there are more and more types of courses available, I\u2019ll try to explain their benefits and the differences between them. The first is the list of in-person courses \u2013 these courses are still prevalent, but steadily losing &#8230;<\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[381,474,611],"class_list":["post-4766","post","type-post","status-publish","format-standard","hentry","category-blog","tag-iso-27001","tag-training-awareness","tag-bs-25999-2"],"acf":[],"_links":{"self":[{"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/comments?post=4766"}],"version-history":[{"count":2,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4766\/revisions"}],"predecessor-version":[{"id":103568,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4766\/revisions\/103568"}],"wp:attachment":[{"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/media?parent=4766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/categories?post=4766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/staging.advisera.com\/27001academy\/wp-json\/wp\/v2\/tags?post=4766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}