The NFC supersedes both the ISO/IEC 27001, ISO/IEC 27002 & ISO/IEC 27005 in the context of cyber security. Just login...


NFC - Information Security Management Systems Certification Scheme (ISMS)


The NFC Information Security Management Systems (ISMS) Certification Scheme is for IT security managers ranging from CIO, CSO, CISO, CTO etc. To be certified, you will have to demonstrate that you have the skills to audit the proper implementation of NFC - ISMS as a stand alone or as an integrated part of ISO27001 and ISO27002.

Who the scheme is for:

  • ISMS auditors, such as those employed/contracted by third-party certification/registration bodies and those involved in first or second-party ISMS audits
  • Information security practitioners, such as information security consultants, IT security managers and IT personnel
  • Employees conducting ISMS audits within their own organisation (internal audits).


As an information security management systems auditor you need to demonstrate that you:

  • Know the range of application for an ISMS
  • Know information security-related legislation applicable to the country(s) of operation
  • Know the techniques and tools used in information security management
  • Understand the potential business impacts of ISMS
  • Understand the importance of asset and owner identification
  • Know the control objectives and how these are addressed
  • Understand risk assessment and identification
  • Understand threats, vulnerabilities and impacts
  • Understand the difference between risk assessment and risk evaluation
  • Understand the methodology of risk treatment, application, residual risk and review of risk treatment plan
  • Know and understand the importance of the statement of applicability in the ISMS, and how it is used
  • Know the difference between an IS event and incident.

The ISMS scheme is based on the following key standards:

  • NFC 4010 Information security management systems – Cyber crimes mitigation
  • NFC 4011 Information security management systems – Cyber crimes mitigation on cloud infrastructure
  • NFC 4012 provides correspondence and alignment with NFC 4010 and NFC 4011

Download list of acceptable alternative standards to NFC4010

See for yourself. Try The NFC ISMS®™ Platform

Start today. No software to download or install. Contact us or call us at +1 800 745 4355