ISO/IEC 27001 Introduction

Introduction to the implementation of an Information Security Management System (ISMS) based on ISO/IEC 27001

Duration: 1 day
Prerequisites: None

Who Should Attend:

  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
  • Staff involved in the implementation of the ISO/IEC 27001 standard
  • Expert advisors in IT
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Auditors
  • To understand the fundamentals of information security
  • To know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
  • To know the key components of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001
  • To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
  • To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To understand the stages of the ISO/IEC 27001 certification process

Summary

This one-day training enables participants to be familiar with the basic concepts of the implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.

General Information

  • A student manual containing over 100 pages of information and practical examples will be distributed to participants
  • A participation certificate of 7 CPD (Continuing Professional Development) credits will be issued to participants
  • Introduction to the ISO 27000 standards family Introduction to management systems and the process approach
  • General requirements: presentation of the clauses 4 to 8 of ISO/IEC 27001
  • Implementation phases of the ISO/IEC 27001 framework
  • Introduction to risk management according to ISO/IEC 27005
  • Continual improvement of information security
  • Conducting an ISO/IEC 27001 certification audit