Skip to main content

ISO 27001 Foundation — Sydney & Melbourne

eLearning delivered by PECB master trainers Graeme Parker, Andro Kull · Online-live & in-person led by Aegentra's NV1-cleared, ISO 27001-certified instructors · Aegentra Academy

Build a working understanding of ISO/IEC 27001:2022 and the principles of an Information Security Management System (ISMS). The Foundation pathway covers the standard's structure, the Annex A control families, and the day-to-day responsibilities of operating an ISMS.

ISO 27001 Foundation course — $399 AUD, PECB-certified. The Aegentra Academy ISO 27001 Foundation is a PECB-accredited, self-paced online program priced at $399 AUD, including the official PECB exam voucher and one free resit within 12 months. Instructor-led cohorts are also available in Melbourne and Sydney. Aegentra Academy is an official PECB authorised training partner in Australia.

This PECB-accredited course is sold and supported by Aegentra Academy — an official PECB authorised training partner in Australia. Every enrolment includes the official PECB certification exam voucher and one free resit within 12 months of purchase. Courses run online and self-paced through the myPECB platform; instructor-led cohorts and in-person delivery are also available in Melbourne and Sydney.

PECB is accredited by ANAB (ANSI National Accreditation Board) under ANSI/ASTM E2659-18, plus UKAS, IAS, and COFRAC. Your PECB credential is internationally recognised and accepted on resumes, tender responses, and procurement panels worldwide. Verify credentials through the official PECB partner directory.

Aegentra Academy courses are delivered by active practitioners — the same senior engineers who run ISO 27001 readiness and GRC engagements and Microsoft 365 hardening for Australian SMBs. Tax invoices with GST and ABN are issued automatically at checkout. Multi-seat team pricing is available — email Academy@aegentra.com.au for an enterprise quote. Professionals across Melbourne, Sydney, Brisbane, Perth, Adelaide, Canberra, and New Zealand enrol online.

Where ISO 27001 lands in Australia

ISO 27001 is the de facto security qualifier for Australian procurement. Defence-industry suppliers building toward Defence Industry Security Program (DISP) membership, Commonwealth and state tenders referencing the Protective Security Policy Framework (PSPF) at Maturity Level 2 and above, APRA-regulated banks, insurers, and super funds evidencing CPS 234, and operators captured by the Security of Critical Infrastructure (SOCI) Act all lean on ISO 27001 as the implementation template. It maps cleanly onto the ACSC Essential Eight — the Essential Eight tells you what to do, ISO 27001 tells you how to run the system that decides what to do.

Employers hiring GRC analysts, internal auditors, ISMS coordinators, and security-cleared compliance staff across Melbourne, Sydney, Brisbane, Canberra, Perth, and Adelaide list ISO 27001 credentials as expected. The PECB credential earned here is the internationally recognised, ANAB-accredited qualification those roles ask for.

Who teaches this course

The self-paced eLearning for the ISO 27001 Foundation course is delivered by the following PECB-certified master trainers. Online-live and in-person cohorts in Melbourne and Sydney are led by Aegentra's own NV1-cleared, ISO 27001-certified instructors.

Graeme Parker — Cybersecurity & Information Security Expert

PECB Certified Trainer, ISO 27001, ISO 22301, ISO 42001. A Security, Technology, Risk, and Compliance professional with vast experience across private and public sector roles spanning financial services, government, manufacturing, healthcare, and retail. A certified PECB trainer delivering ISO/IEC 27001, ISO 22301, ISO/IEC 42001, CISSP, CISM, and CISA courses globally across the UK, USA, Canada, and Europe.

Andro Kull — Senior Consultant & Auditor in Information and Cyber Security

PhD, PECB Partner & Trainer, MSECB Auditor, ISO/IEC 27005 Lead Risk Manager, CISO. PhD Andro Kull is the CEO of ConsultIT Ltd. and a board member, recognised for his expertise as a PECB Partner, Trainer, and MSECB Auditor. He serves as a Lead Implementer for the NIS 2 Directive and as a Chief Information Security Officer (CISO). With certifications as an ISMS Master and Lead Cybersecurity Manager, he also specialises in PIMS and ITSM as a Lead Implementer and Auditor, and is an expert in BCMS, ISO/IEC 27002 Lead Manager, ISO/IEC 27005 Lead Risk Manager, and ISO/IEC 27035 Lead Implementer.

For the full certification landscape — process, costs, timelines, and how this course fits into a wider readiness program — read the ISO 27001 Certification Australia: A Complete Guide (2026).

ISO 27001 Foundation — Frequently Asked Questions

What does the PECB ISO 27001 Foundation course cover?

Five modules covering the structure of ISO/IEC 27001:2022, the Plan-Do-Check-Act cycle, the four Annex A control themes (Organisational, People, Physical, Technological — 93 controls in total), the day-to-day operation of an ISMS, and exam preparation. Total effort is 8-12 hours of self-paced study.

Is the PECB ISO 27001 Foundation recognised in Australia?

Yes. PECB is accredited by ANAB (ANSI National Accreditation Board) under ISO/IEC 17024 for personnel certification — the same accreditation framework that JAS-ANZ uses in Australia. The credential is recognised by Australian Commonwealth and state government tenders, APRA-regulated financial-services hiring, DISP-registered defence-industry employers, and every certification body operating in Australia.

Do I need experience in information security to take the Foundation course?

No prior experience required. The Foundation pathway assumes no ISO knowledge and no security background — it is the entry point. If you have already implemented controls in a previous role you will move through the material faster, but the course is written for absolute beginners.

What is the difference between Foundation, Lead Implementer, and Lead Auditor?

Foundation is awareness — you can describe the standard. Lead Implementer is execution — you can scope, build, and operate an ISMS from scratch, including writing the Statement of Applicability and preparing for a stage-2 audit. Lead Auditor is verification — you can plan and conduct internal, supplier, and certification audits to ISO 19011. Most people start at Foundation, then choose Implementer or Auditor based on the work they will actually do.

How long does the ISO 27001 Foundation course take?

Typical effort is 8-12 hours of self-paced study spread over one to two weeks. You have 12 months of myPECB access so the pace is yours — some learners finish in a weekend, others spread it across a month while working full-time.

How is the Foundation exam structured?

One-hour, multiple-choice, online-proctored. The exam covers two competency domains — fundamental concepts of an ISMS, and information security management based on ISO/IEC 27001. Pass mark is 70%. You receive your PECB digital certificate within a few business days of passing.

Is the exam included in the $399 AUD price?

Yes. The official PECB exam voucher plus two exam attempts (initial sit plus one free resit if you do not pass on the first attempt) are included. There is no separate exam fee.

Can I sit the exam from anywhere in Australia?

Yes. PECB exams are remotely proctored and delivered through the myPECB portal. You need a quiet room, a webcam, and a stable internet connection. There is no requirement to travel to a test centre in Sydney, Melbourne, or anywhere else.

What makes the Aegentra Foundation course different?

Every authorised PECB Foundation course leads to the same credential — the certificate is identical wherever you buy it. The differences are price, format, and who supports you. Aegentra delivers Foundation at $399 AUD with the official PECB exam, one free resit, and 12 months access included. We are an Australian security consultancy run by active NV1-cleared practitioners, not a pure training company — so your Academy support inbox is staffed by people who run real ISMS programs.

What is the difference between ISO 27001 and the Essential Eight?

ISO 27001 is a management-system standard — it certifies that your organisation has an end-to-end process for governing information security. The Essential Eight is a technical baseline published by the Australian Signals Directorate covering eight mitigations (application control, patch applications, etc.). The Essential Eight tells you what to do; ISO 27001 tells you how to run the system that decides what to do. Many Australian organisations implement both, with ISO 27001 as the umbrella and Essential Eight controls referenced inside the Annex A control set.

How does ISO 27001 align with APRA CPS 234?

APRA CPS 234 is the prudential standard for information security for APRA-regulated entities (banks, insurers, super funds). Most CPS 234 obligations — board-level accountability, an information-asset inventory, classified information-security capability, incident response, internal audit — map directly onto ISO 27001 clauses and Annex A controls. Foundation gives you the language to see those mappings; Lead Implementer is what you need to actually build the ISMS that satisfies them.

Will the Foundation credential help with a tender, RFP, or vendor security questionnaire?

Indirectly. Tenders and questionnaires usually ask whether your organisation holds the ISO 27001 certification (which is awarded to companies, not individuals). What Foundation does is make the staff completing those questionnaires meaningfully faster and more accurate — they understand the question being asked and the evidence that satisfies it. If the goal is the organisational ISO 27001 certificate, talk to us about the Govern service.

What CPD credits do I earn?

PECB awards 14 CPD credits on completion of the ISO 27001 Foundation course. These count toward maintenance of other PECB credentials and toward CPD requirements at most professional bodies (ISACA, (ISC)², AISA) on submission.

How long is the Foundation certificate valid?

The Foundation credential does not expire and does not require renewal. The certificate is dated and refers to the ISO/IEC 27001:2022 edition; if the standard is significantly revised in future you may choose to take a refresher course, but there is no mandatory recertification.

Can my employer pay or reimburse?

Yes. Either complete checkout yourself and forward the Stripe tax invoice for reimbursement, or write to Academy@aegentra.com.au and we will issue an invoice direct to your organisation with payment terms. Groups of five or more receive a discount.

When can I start the course?

Immediately after payment. The Academy team confirms your seat with PECB and you receive login details by email — usually within one business day.

How long do I have access to the course?

You have 12 months of access from enrolment. That window covers the course material, the official PECB exam, and one free resit if you need it.

What if I fail the exam?

One PECB-issued resit is included in your enrolment at no extra cost. Most learners who use the included study materials and sit the resit within 30 days pass on their second attempt.

Can my employer be invoiced directly?

Yes. Either complete the checkout yourself and forward the Stripe tax invoice to your employer for reimbursement, or write to Academy@aegentra.com.au and we will issue an invoice to your organisation with payment terms.

Is the credential recognised internationally?

Yes. PECB is an accredited certification body recognised globally. The credential is the same one issued through any authorised PECB training partner — recognised by employers, audit bodies, and government tenders worldwide.

Do you offer group bookings for teams?

Yes. Groups of five or more receive a discount and can be enrolled with a single invoice. Write to Academy@aegentra.com.au with the course, number of seats, and start window.

What is your refund policy?

All enrolments are non-refundable. Once payment is confirmed your PECB seat is provisioned and the course materials become available, so refunds cannot be issued. Please review the course details carefully before purchase, and email Academy@aegentra.com.au if you have questions before enrolling.