Transitioning from ISO/IEC 27001:2005 to ISO/IEC 27001:2013

This one-day course is aimed at those who already have or are implementing an Information Security Management System (ISMS) conforming to ISO/IEC 27001:2005.

As the information security standard is now available, anyone with an interest in it can learn what is required to conform and transition to the current version.

This training course will teach you all you need to know about transitioning to ISO/IEC 27001:2013, including how to adapt to the new and changed clauses. You’ll learn the updated structure of ISO/IEC 27001:2013 and new concepts such as the context of an organization and performance evaluations.

As a prerequisite, knowledge of the existing ISO/IEC 27001:2005 standard is highly recommended. 

Who should attend?

This course is intended for those who are involved in the certification process for ISO/IEC 27001:2005, in particular internal and external ISMS implementers.

Suggested job roles include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Learning objectives

  • What is the new high-level structure of ISO/IEC 27001:2013
  • What are the requirements of the standard
  • How to recognize the differences between the 2005 and 2013 versions of the standard
  • What updated processes apply to an organization's ISMS

Course Benefits

  • Your company will have the internal knowledge to carry out a more effective transition when migrating an existing ISMS to conform to ISO/IEC 27001:2013
  • Apply the changes to the standard to your organization
  • Improve the efficiency of your information security management system
  • Manage your ISMS transition effectively
  • Gain a deeper understanding of information security best practice

Next Steps

  • ISO 9001 Lead Auditor - Learn how to implement a quality management system in your organization, and understand how to conduct global best practice internal and external audits
  • ISO/IEC 27001 Lead Implementer - Learn how to implement the ISO/IEC 27001 standard within your organization, and understand how to get the most out of your information security management system
  • Risk Management and Operational Planning - Learn how to develop and implement operational plans to help you identify and manage business risk with our two-day Risk Management and Operational Planning course
  • Auditing Cloud Security for STAR Certification - Led by an experienced tutor, this one-day course will help you learn how to audit cloud security for the STAR certification programme and learn how to apply the maturity model when auditing a provider’s security controls