ISO Information Security – ISO 27001 (FOUNDATION)
INTRODUCTION
ISO 27001 is all about Information Security Management. ISO 27001 provides a framework that enables organisations to enhance the protection of information assets. Businesses that comply with the ISO 27001 standard demonstrate a commitment to improving control over their private information. With businesses' growing reliance on the internet and on operating within virtual spaces, keeping their information secure is critical to success. As a result, businesses are quick to bring in qualified professionals to fortify their systems and pre-empt cyber security threats to IT departments. It is not uncommon for businesses to either outsource this work or introduce an in-house solution.
COURSE OBJECTIVES
By the end of the course, you'll be able to:
- Describe the main information security management concepts, principles and definitions
- Explain the main ISO/IEC 27001 requirements for an information security management system (ISMS)
- Identify approaches, methods and techniques used for the implementation and management of an ISMS
- Increase in efficient operating procedures
- High transparency with business operations
COURSE AUDIENCE
This course is designed for:
- IT Professionals
- Risk Management Professionals
- Information Security Specialists
- Internal Auditors and External Auditors
- ISMS Implementer and ISMS Team Members
- Senior Managers
- CEOs
- Aspiring ISMS professionals
- Business Managers
- Information Security Consultants
- Directors
COURSE OUTLINE
Day One
Introduction
- The 27001 standard
- 27001 mission
- 27001 high-level methodology
- 27001 focus
- Common interrelationships
- Review and monitor
- Improvement and maintenance
- Clauses of ISO 27001
Day Two
Information Security Management Systems (ISMS)
- What is an ISMS?
- Creating a project plan according to ISMS ISO 27001
- Establishing management and governance frameworks
- ISMS principles
- ISMS benefits
- Scope of ISMS in an organisation
- Introduction to management systems
- Process approach
- Fundamentals
- The PDCA cycle
Day Three
Interaction with ISO 27005
- What is ISO 27005?
- ISO 27001 vs ISO 27005
- Quantifying the business impact
- Impact severity
Day Four
Introduction to Auditing
- Defining auditing
- Types of audit
- Techniques and principles
- Phases of audit
Day Five
Performing ISO 27001 Audits
- Preparing audit reports
- Analysing data
- Auditing procedures
- Reviewing documents and reports
- Validating reports
- Designing and merging findings
- Classifying findings
- Planning, organising, and prioritising
- Factors that affect the reliability of audit findings
N.B.: Exam fees are not included.