Introduction to the implementation of an Information Security Management System (ISMS) based on ISO/IEC 27001
Summary
This one-day training enables participants to be familiar with the basic concepts of the implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.
Who Should Attend
- IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
- Staff involved in the implementation of the ISO/IEC 27001 standard
- Expert advisors in IT
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
- Auditors
Learning Objectives
- To understand the fundamentals of information security
- To know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
- To know the key components of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001
- To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
- To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- To understand the stages of the ISO/IEC 27001 certification process
Title
-
Time Schedule
Lorem ipsum dolor sit amet communitas erdum, lacus et vulputate, velit nulla commodo sem ipsum dolor sit amet.
-
Location
Lorem ipsum dolor sit amet communitas erdum, lacus et vulputate, velit nulla commodo sem ipsum dolor sit amet.
-
Course Fee
Lorem ipsum dolor sit amet communitas erdum, lacus et vulputate, velit nulla commodo sem ipsum dolor sit amet.
Title
Course Detail Information
Course Agenda
- Introduction to the ISO 27000 standards family Introduction to management systems and the process approach
- General requirements: presentation of the clauses 4 to 8 of ISO/IEC 27001
- Implementation phases of the ISO/IEC 27001 framework
- Introduction to risk management according to ISO/IEC 27005
- Continual improvement of information security
- Conducting an ISO/IEC 27001 certification audit
Prerequisites
None
Examination and Certification
None
General Information
- A student manual containing over 100 pages of information and practical examples will be distributed to participants
- A participation certificate of 7 CPD (Continuing Professional Development) credits will be issued to participants