ISO/IEC 27032:2012 Guidelines for Cybersecurity Training Course

The cyberspace is a complex environment. It involves different types of interactions between people, software, hardware and physical locations to support with storage, processing, communication and service delivery for a wide range of information. This means the security requirements vary depending upon use, criticality and sensitivity of the information, as well as the level of collaboration between stakeholders.

International Standards such as ISO/IEC 27002 provide some best practice recommendations on information security controls, however risks relating to cybersecurity need extra technical guidance including:

  • Social engineering attacks
  • Hacking
  • Proliferation of malicious software (malware)
  • Spyware
  • Other potentially unwanted software

Building on the concepts and framework specified in ISO/IEC 27001, the best practice guidance and techniques in ISO/IEC 27032 help you to manage and respond to these cybersecurity issues, including how to:

  • Prepare for attacks, whether by malware or by unauthorised entities
  • Detect and monitor attacks
  • Respond to attacks

This course will provide you with knowledge on ISO/IEC 27032 so you can understand, prepare for, detect, respond to and monitor issues related to cybersecurity for your organization.  You will be provided with:

  • An overview of cybersecurity
  • An explanation of the relationship between cybersecurity and other types of security
  • A definition of stakeholders and a description of their roles in cybersecurity
  • Guidance for addressing common cybersecurity issues

A framework to enable stakeholders to collaborate on resolving cybersecurity issues

Who should attend?

Anyone who wants to learn:

  • How to identify, analyse and evaluate risks associated with cybersecurity
  • What techniques, methods and controls can be implemented in order to help mitigate cybersecurity risks
  • What ongoing governance, risk monitoring and collaboration processes can be implemented to ensure that cybersecurity issues continue to be appropriately managed

 The course is applicable to individuals from any size or type of organization who is currently, or will in the future, be involved in planning, implementing, maintaining, supervising or assessing information security, particularly as it relates to cybersecurity.


You should have a basic knowledge of ISO/IEC 27001:2013 and ISO/IEC 27002:2013, as well as an understanding of the key principles of an information security management system.

It would be advantageous to have a basic understanding of risk management techniques and processes and knowledge of ISO/IEC 27005 or ISO 31000.

We also recommend that you have an awareness of cybersecurity issues and basic understanding of information security principles and terminology.

Some delegates on this course will have already attended our Information Security Management System (ISMS) Requirements of ISO 27001:2013, Information Security Management System (ISMS) Implementing ISO/IEC 27001:2013 course or Information Security Risk Management Training Course ISO/IEC 27005:2011. 

We also recommend delegates have an understanding of the risk assessment approach currently employed in their organizations, should one exist. 

What will I learn?

You will be able to:

  • Explain the nature of the cyberspace and cybersecurity
  • Who the cybersecurity stakeholders are and what their roles are
  • Recognise what assets, stakeholders, threats and vulnerabilities exist in the cyberspace
  • Identify methods for ensuring cybersecurity attack readiness
  • Explain the benefits of implementing ISO/IEC 27032
  • Utilize the risk management principles to identify and respond to cybersecurity risks
  • Integrate the key concepts and requirements of ISO/IEC 27032 into an ISO/IEC 27001:2013 compliant information security management system (ISMS)
  • Implement the topics covered in ISO/IEC 27032 in your organization 

How will I benefit?

This course will help you:

  • Identify key benefits associated with using ISO/IEC 27032 to protect information assets which could be affected by cybersecurity threats
  • Understand the ISO/IEC 27032 best practice guidance and techniques related to cybersecurity
  • Understand the rationale behind the processes, the use and the implementation of ISO/IEC 27032
  • Understand the issues organizations face when dealing with cybersecurity
  • Understand the best practice approaches to adopt in order to address and manage issues related to cybersecurity
  • Understand how to prepare for and respond to cybersecurity threats
  • Determine and implement appropriate collaboration between different stakeholders to ensure effective responses to incidents

What's included?

  • Detailed course notes and lunch are provided
  • On completion, you'll be awarded an internationally recognized BSI Training Academy certificate

Course Resources

View the course guide through the below link:

COVID-19: Important information on classroom-based training courses

BSI is closely monitoring UK Government Advice regarding the safety of classroom-based training courses. In the event of a classroom-based course being deemed unsafe, your training booking will be automatically transferred to online delivery using our highly-interactive virtual classroom - Connected Learning Live.

If you have any questions regarding your booking, please contact or call +46 (0)707 401147.

Booking a course delivered via Connected Learning Live?

Take advantage of our exclusive offers, only available in July and August 2020*

Book a July or August Connected Learning Live course date and you’re entitled to unlock one of the following benefits:

  • Option 1: Get 50% off a second delegate booking fee
    Offer applicable to public courses delivered via Connected Learning Live in July and August 2020 only. Second delegate must attend the same course date
  • Option 2: Save £500 on a BSI Diploma in Quality Management
    Offer applicable to delegates that have booked a public course delivered via Connected Learning Live in July and August 2020 only

Contact our training team today to find out more and book your place. Call +46 (0)707 401147 or email

*Terms and conditions: Applies to all public BSI UK training courses, taking place in July and August 2020 via Connected Learning Live only. Call our training team on +46 (0)707 401147 or email for more information. Second delegate must attend the same course date as the first delegate. Moves, changes and cancellations are not permitted. Payment required or invoice issued at the time of bookings. This offer does not apply to BSI re-sellers or Cybersecurity and BRCGS courses. Offer is for new BSI UK training bookings only. Offer is not to be used in conjunction with any other offer. Offer subject to availability of training courses. Bookings are non-transferable. All other terms and conditions for training courses apply.