ISO 27001 ISMS Essentials (Batch 191)

Information security is a necessity for most organizations nowadays. Learn about the best practices for implementing and managing an information security management system (ISMS) as specified in ISO/IEC 27001:2013, as well as the best practices for implementing the information security controls of the eleven domains of ISO 27002. This two-day course will help you understand how ISO/IEC 27001 and ISO 27002 relate to ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security). Learn the essentials of Information Security Management Systems (ISMS) today.

At the end of this course, the participant should be able to:

  • Describe the implementation of an Information Security Management System in accordance with ISO/IEC 27001
  • Describe the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • Elaborate on the concepts, approaches, standards, methods and techniques that allow effective management of an Information Security Management System
  • Demonstrate the knowledge necessary to implement an Information Security Management System (ISMS) as specified in ISO/IEC 27001

Course Outline

  • Day 1 – Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001
    • Introduction to the ISO/IEC 27000 family of standards
    • Introduction to management systems and the process approach
    • Fundamental principles of Information Security
    • General requirements: presentation of clauses 4 to 8 of ISO/IEC 27001
    • Implementation phases of the ISO/IEC 27001 framework
    • Continual improvement of information security
    • Conducting an ISO/IEC 27001 certification audit
  • Day 2 – Implementing controls in information security according to ISO/IEC 27002
    • Principles and design of information security controls
    • Documentation of an information security control environment
    • Monitoring and reviewing the information security controls
    • Examples of implementation of information security controls based on ISO 27002 best practices

Who should attend

  • Information Security team members
  • Individuals responsible for Information Security, compliance, and risk within an organization
  • Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
  • IT consultants, IT professionals
  • Information Security officers
  • Privacy officers

The course fee is inclusive of AM/PM snacks, lunch, access to the xworks learning management system, digital course materials, and course certificates.