HomeCoursesISO 27001 Information Security Awareness

🔏 ISO 27001 Information Security Awareness

Free ISO/IEC 27001:2022 information security awareness training with a completion certificate.

Last updated: June 2026

Understand the world's information security management standard — the ISMS, the CIA triad, the PDCA cycle, clauses 4-10, risk assessment and treatment, the 93 Annex A controls in four themes, the Statement of Applicability, and your everyday role in keeping information secure. It maps to ISO/IEC 27001:2022. The course is organized into 7 modules, ending with a final exam (pass mark 80%). It is free awareness-level training designed for anyone who needs a practical, working understanding of the topic.

What you'll learn

  • What is ISO 27001 & the CIA triad
  • The PDCA cycle & the key clauses
  • Risk assessment & treatment
  • Annex A: 93 controls & the Statement of Applicability
  • Common threats: phishing, social engineering & malware
  • Passwords, MFA & access control
  • Your everyday role & incident reporting

Learning objectives

  • Explain what ISO/IEC 27001:2022 and an ISMS are, and why organizations adopt and certify them
  • Define the CIA triad: confidentiality, integrity and availability, with everyday examples
  • Describe the PDCA structure and how it maps to clauses 4-10 of the standard
  • Outline information security risk assessment and the four risk-treatment options
  • Recognize the 93 Annex A controls and their four themes, and the role of the Statement of Applicability
  • Identify common threats — phishing, social engineering, malware, weak passwords
  • Apply everyday secure behaviour and report security incidents and near-misses promptly