Latest News


ISO/IEC 27002 Name Change – FAQ’s

November 20, 2017

What is the reason for this update?

In 2017 EXIN conducted market research about the Information Security Management based on ISO/IEC 27002 programs. Based on the feedback from partners and candidates, EXIN found that several changes in the positioning of the program would better suit the needs of the market.

What will change and what will remain the same?

The main changes are:

  • The name of the program is changing to Information Security Management based on ISO/IEC 27001.
  • The recommended course duration for the foundation level is changing to 2 days. The exam itself will not change.
  • The advanced level (previously ISMAS) will be renamed to Information Security Management Professional based on ISO/IEC 27001. The foundation certificate will be removed as a prerequisite for the advanced level. It is still mandatory to follow a training and practical assignments should be a part of this accredited training.
  • The expert level (ISMES) will also undergo a slight name change to Information Security Management Expert based on ISO/IEC 27001. The advanced level will be removed as a prerequisite.
  • The other prerequisites will remain the same.

What is the timeline for the roll-out in the different languages?

The English versions of the products will go live on October 1st, 2017. The other languages will follow soon in Q4 of 2017.

What about Information Security candidates? Will they need to do anything?

No, they do not have to apply for a new certificate. The one they have is valid. As we removed foundation and/or professional level certificates as pre-requisites for the ISMP and the ISMES levels, it will be more interesting for experienced candidates to get trained and certified for the higher levels.

Can I update the certificates I have with the new name?

For Information Security Foundation and Information Security Management Expert, you can generate a reprint of the PDF certificate. The certificate will show the new name. For Information Security Management Advanced it is not possible to get a certificate with the new name without doing the exam again but it definitely has the same value.