Course Benefits
- Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
- Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS
- Learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization
- Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS
- Acquire the expertise to advise an organization in implementing Information Security Management System best practices
Course Contents
Day 1: Introduction to ISO/IEC 27001 and initiation of an ISMS
- Training course objectives and structure
- Standards and regulatory frameworks
- Information Security Management System (ISMS)
- Fundamental information security concepts and principles
- Initiation of the ISMS implementation
- Understanding the organization and its context h ISMS scope
Day 2: Planning the implementation of an ISMS
- Leadership and project approval
- Organizational structure
- Analysis of the existing system
- Information security policy
- Risk management
- Statement of Applicability
Day 3: Implementation of an ISMS
- Documented information management
- Selection and design of controls
- Implementation of controls
- Trends and technologies
- Communication
- Competence and awareness
- Security operations management
Day 4: ISMS monitoring, continual improvement, and preparation for the certification audit
- Monitoring, measurement, analysis, and evaluation
- Internal audit
- Management review
- Treatment of nonconformities
- Continual improvement
- Preparing for the certification audit
- Certification process and closing of the training course
Day 5: Certification Exam
