ISO/IEC 27005 Risk Manager Exam
Who should Apply?
The objective of the “PECB ISO/IEC 27005 Risk Manager” exam is to ensure that the candidate has the knowledge and skills to support an organization in implementing, maintaining and managing an ongoing information security risk management program according to PECB ISO/IEC 27005. If you’re a risk manager responsible for information security or conformity within an organization, an experienced project manager, consultant and/or ISO auditor in information security management looking to understand the value of a risk management program to your organisation, to certify your skills, stand out to employers/clients and maximize your earning potential, PECB’s “PECB ISO/IEC 27005 Risk Manager” credential is the right choice for you.
Content of the exam
The “PECB ISO/IEC 27005/31000 Risk Manager” exam fully meets the requirements of the PECB Exam Certification Programme (ECP). The exam covers the following competence domains:
Prepare for the exam
Candidates are responsible for their own study and preparation for the exam. No specific set of courses or curriculum of study is mandatory as part of the certification process. The completion of a recognized "PECB ISO/IEC 27005 Risk Manager” course or program of study can significantly enhance your chance of passing a PECB certification exam.
PECB’s training schedule is available here.
To find a training provider, review PECB’s qualified training partners.
How to Apply?
Candidates must complete the exam application form here. Candidates will be required to register for a password-protected account where they can then create, manage, update, and submit their application.
Applicants can pay their application fees online and upload all required supporting documents to PECB. Applicants will also have the option of mailing the payment (via cheque) although this will result in delays of the application process.
Applicants will be able to select a date and location for their certification exam. PECB’s training schedule is available here.
You must register at least fourteen (14) days before the exam date.
The “PECB ISO/IEC 27005 Risk Manager” exam is available in different languages (the complete list of languages can be found in the exam application form).
Take the exam
Candidates will be required to arrive at their chosen location at least 30 minutes before the beginning of the certification exam. Candidates arriving late will not be given additional time to compensate for the late arrival and if late more than 30 minutes after the beginning will not be allowed to enter the exam room. They will also be required to remain outside the exam room and to be given an individual briefing prior to being permitted to enter the exam room and commence the exam.
All candidates will need to present to the proctor one example of photo-id issued by a national, regional or state body, along with their exam confirmation letter.
The exam consists of essay-type questions. During the exam participants may use all PECB provided documentation plus their own course notes but will not be permitted to use any computer, laptop or any other electronic device. The exam lasts 2 hours.
After the exam and application for certification
It may take up to 8 weeks for candidates to receive their exam results. All results are sent via email. The exam results will not include the exact grade that you had, only whether you passed or failed. In the case of a failure, the results will be accompanied with the list of domains in which you had a mark lower than the passing grade to provide guidance in preparing yourself to retake the exam.
After successfully completing the “PECB ISO/IEC 27005 Risk Manager” exam, participants can apply for the credentials of PECB ISO/IEC 27005 Provisional Risk Manager, PECB ISO/IEC 27005 Risk Manager or PECB ISO/IEC 27005 Lead Risk Manager, depending on their level of experience. The requirements for certification are explained in detail in PECB certification section.
Certification fees are included in the exam price.
A certificate will be issued to participants who successfully pass the exam and comply with all other requirements related to the selected level of credential.