Information Security Management Advanced

Information security is becoming increasingly important. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet.

The module Information Security Management Advanced based on ISO/IEC 27002:2013 (ISMAS.EN) tests organizational and managerial aspects of information security.

Target group

Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities.


The Certificate Information Security Management Advanced is part of the qualification program Information Security. The module is followed up by the Certificate Information Security Management Expert.


The Information Security Foundation Certificate or an equivalent.

Requirements for the certificate

  • The Information Security Management Advanced training course with an EXIN accredited training provider (ATP), including having successfully fulfilled the two (2) practical assignments as part of the course.
  • Successful completion of the exam Information Security Management Advanced.

Exam content

  1. Information security perspectives: (10%)
  2. Risk Management (30%)
  3. Information security controls: (60%)

Exam Details

Number of questions: 30
Pass mark: 65% (20 of 30) 
Open book/notes: no 
Electronic equipment permitted: no