Use this quick start guide to collect all the information about EXIN ISMP Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the EXIN Information Security Management Professional based on ISO/IEC 27001 (ISMP) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual EXIN Information Security Management Professional based on ISO/IEC 27001 certification exam.
The EXIN ISMP certification is mainly targeted to those candidates who want to build their career in Data Protection and Security domain. The EXIN Information Security Management Professional based on ISO/IEC 27001 exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of EXIN ISMP.
EXIN ISMP Exam Summary:
| Exam Name | EXIN Information Security Management Professional based on ISO/IEC 27001 |
| Exam Code | ISMP |
| Exam Price | $304 (USD) |
| Duration | 90 mins |
| Number of Questions | 30 |
| Passing Score | 65% |
| Schedule Exam | Pearson VUE |
| Sample Questions | EXIN ISMP Sample Questions |
| Practice Exam | EXIN ISMP Certification Practice Exam |
EXIN ISMP Exam Syllabus Topics:
| Topic | Details | Weights |
|---|---|---|
Information security perspectives - 10% |
||
| Business interest of information security |
The candidate can… - distinguish types of information based on their business value. - explain the characteristics of a management system for information security. |
3.3% |
| Customer perspective on governance |
The candidate can… - explain the importance of information governance when outsourcing. - recommend a supplier based on security controls. |
3.3% |
| Supplier’s responsibilities in security assurance |
The candidate can… - distinguish security aspects in service management processes. - support compliance activities. |
3.3% |
Risk management - 30% |
||
| Principles of risk management |
The candidate can… - explain principles of analyzing risks. - identify risks for classified assets. - calculate risks for classified assets. |
10% |
| Control risks |
The candidate can… - categorize controls based on confidentiality, integrity, and availability. - choose controls based on incident cycle stages. - choose relevant guidelines for applying controls. |
10% |
| Deal with residual risks |
The candidate can… - distinguish risk strategies. - produce business cases for controls. - produce reports on risk analyses. |
10% |
Information security controls - 60% |
||
| Organizational controls |
The candidate can… - write policies and procedures for information security. - implement information security incident handling. - perform an awareness campaign in the organization. - implement roles and responsibilities for information security. - support the development and testing of a business continuity plan. |
20% |
| Technological controls |
The candidate can… - explain the purpose of security architectures. - explain the purpose of security services. - explain the importance of security elements in the IT infrastructure. |
20% |
| Physical controls and people controls |
The candidate can… - recommend controls for physical access. - recommend security controls for employment life cycle. |
20% |
To ensure success in EXIN ISMP certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for EXIN Information Security Management Professional based on ISO/IEC 27001 (ISMP) exam.