What is the exam structure and domains?

PECB Exams are based on competency domains, specific for each exam, and exam questions are developed to evaluate candidates’ competency by measuring their comprehension, application, analysis and evaluation of these domains.

As an example, the 7 competency domains that are evaluated in the ISO/IEC 27001 Lead Implementer exam are:

  • Domain 1: Fundamental information security principles and concepts
  • Domain 2: Planning an ISMS based on ISO 27001
  • Domain 3: Implementing an ISMS based on ISO 27001
  • Domain 4: Information security control best practices, based on ISO 27002
  • Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
  • Domain 6: Continuous improvement of an ISMS based on ISO 27001
  • Domain 7: Preparing for an ISMS certification audit

To see the competency domains for each exam, please visit the Exam Preparation Guides in the PECB website, and then select an exam.

Shopping Basket
Scroll to Top
💬 Need help?