IC32
Also known as: ISA/IEC 62443 Cybersecurity Fundamentals Specialist
IC32 is the entry-level course in ISA's ISA/IEC 62443 Cybersecurity Certificate Programme. It covers the foundations of industrial cybersecurity, the structure of the IEC 62443 standard, and the concepts needed before progressing to specialist certificates such as IC33, IC34, and IC37.
Last updated: April 2026
Key Facts
- Full name
- Using the ISA/IEC 62443 Standards to Secure Your Industrial Control Systems
- Common name
- IC32
- Issuing body
- ISA (International Society of Automation)
- Standard reference
- ISA/IEC 62443 series
- Certificate awarded
- ISA/IEC 62443 Cybersecurity Fundamentals Specialist
- Format
- 3 days classroom, 3 days virtual classroom, or self-paced modular
- Prerequisite
- None (entry point to the programme)
- Audience
- Plant operators, integrators, IT security staff working in OT, control engineers
- Exam
- 75 multiple-choice questions, taken separately from the course
- Validity
- ISA certificates do not expire
- Next courses
- IC33, IC34, IC37 (in any order)
What is IC32?
IC32 introduces delegates to the structure and concepts of the ISA/IEC 62443 series of standards. The course covers cybersecurity fundamentals applied to operational technology, the differences between IT and OT cybersecurity, the structure of the IEC 62443 series, key concepts such as zones and conduits and security levels, the cybersecurity lifecycle, and how the standard applies to real industrial environments. IC32 is the prerequisite for all other certificates in the ISA programme. The certificate exam is taken separately from the course and earns the ISA/IEC 62443 Cybersecurity Fundamentals Specialist designation.
ISA/IEC 62443 Certificate Path Starting From IC32
| Course | Certificate | Required Role |
|---|---|---|
| IC32 | Cybersecurity Fundamentals Specialist | Entry to the programme |
| IC33 | Cybersecurity Risk Assessment Specialist | Risk assessment |
| IC34 | Cybersecurity Design Specialist | Design |
| IC37 | Cybersecurity Maintenance Specialist | Maintenance |
| IC48 (Fast Track) | All three above (5 days) | Combined for experienced delegates |
| All four (or IC48) | Cybersecurity Expert | Top of programme |
How IC32 Maps to the Standard
IC32 maps directly to the ISA/IEC 62443 series. The course structure mirrors how the standards are organised: general concepts (62443-1-x), policies and procedures (62443-2-x), system requirements (62443-3-x), and component requirements (62443-4-x). Delegates leave with a working knowledge of how to navigate the standard family, which prepares them for the specialist certificates that go deeper into specific roles.
How Cybersecurity Training Providers Deliver IC32
ISA delivers IC32 directly through classroom, virtual classroom, and self-paced modular formats. Authorised training partners also deliver the classroom and virtual versions. The self-paced modular format suits delegates who need flexibility; it gives up to a year to complete modules before sitting the certificate exam. Most external training providers running OT cybersecurity programmes use IC32 as the entry point and progress delegates through IC33, IC34, IC37, or the IC48 fast track over time. An LMS supporting IC32 training needs flexible enrolment, identity verification at exam, content delivery integration with ISA's modular format where applicable, audit-ready records, and tracking that supports delegates progressing through the four-certificate programme.
Common Questions
Do I need IT security experience to take IC32?
No formal experience is required. Some IT or OT background helps, but IC32 is designed as the entry point. Most providers note that 1 to 2 years of relevant experience makes the content easier to absorb.
Is IC32 the same as the Cybersecurity Fundamentals Specialist certificate?
IC32 is the course; Cybersecurity Fundamentals Specialist is the certificate awarded after passing the separate exam. Many delegates take the course but do not sit the exam if they only need the knowledge.
How long does IC32 take?
Three days for classroom or virtual classroom delivery, plus separate exam preparation and the exam itself. Self-paced modular delegates typically complete in 4 to 12 weeks.
Do ISA certificates expire?
No. ISA certificates do not have a renewal cycle. Other bodies that issue IEC 62443 certificates, such as Kiwa/IBEX, may have validity periods (typically 2 years).
Can I skip IC32 and go straight to IC33?
No. IC32 is a prerequisite for IC33, IC34, and IC37. The IC48 fast-track also requires IC32 completion before enrolment.
Train Your Delegates with Blend-ed
OT cybersecurity training providers need an LMS that supports cohort-based delivery, self-paced modular formats, certification exam workflows, and progression tracking through the four-certificate ISA programme. Blend-ed runs flexible enrolment, identity verification at exam, audit-ready records, and progression dashboards that let delegates and admins track their path through IC32 toward the Cybersecurity Expert designation.
- Test your knowledge first with the IEC 62443 practice quiz
- Compare LMS platforms for compliance training in regulated industries
- Compare for external training providers more broadly
