Course Outline
1 - Introduction to ISO/IEC 27001 and initiation of an ISMS
- Training course objectives and structure
- Standards and regulatory frameworks
- Information Security Management System (ISMS)
- Fundamental information security concepts and principles
- Initiation of the ISMS implementation
- Understanding the organization and its context
- ISMS scope
2 - Planning the implementation of an ISMS
- Leadership and project approval
- Organizational structure
- Analysis of the existing system
- Information security policy
- Risk management
- Statement of Applicability
3 - Implementation of an ISMS
- Documented information management
- Selection and design of controls
- Implementation of controls
- Trends and technologies
- Communication
- Competence and awareness
- Security operations management
4 - ISMS monitoring, continual improvement, and preparation for the certification audit
- Monitoring, measurement, analysis, and evaluation
- Internal audit h Management review
- Treatment of nonconformities
- Continual improvement
- Preparing for the certification audit
- Certification process and closing of the training course
Target Audience
The job roles best suited to the material in this course are: Project managers and consultants involved in and concerned with the implementation of an ISMS, expert advisors seeking to master the implementation of an ISMS, individuals responsible for ensuring conformity to information security requirements within an organization