ISO 27001 Introduction Course (1 day)

Summary

This one-day training enables participants to be familiar with the basic concepts of the implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.

Who should attend?

IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
Staff involved in the implementation of the ISO/IEC 27001 standard
Expert advisors in IT
CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
Auditors

Learning objectives

To understand the fundamentals of information security
To know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
To know the key components of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001
To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
To understand the stages of the ISO/IEC 27001 certification process

Course Agenda

Introduction to the ISO 27000 standards family Introduction to management systems and the process approach
General requirements: presentation of the clauses 4 to 8 of ISO/IEC 27001
Implementation phases of the ISO/IEC 27001 framework
Introduction to risk management according to ISO/IEC 27005
Continual improvement of information security
Conducting an ISO/IEC 27001 certification audit

Prerequisites

None

Examination and Certification