Implementing ISO/IEC 27001

In this three-day training course, our experienced tutors teach you how to assess the state of your organization’s current information security management practices in preparation for implementing an ISMS.

You should already have a good understanding of the requirements of the current standard, and our tutors will draw on that knowledge so that you can develop your skills and understanding of the practicalities involved in setting up a typical management system framework that conforms to ISO/IEC 27001:2013.

This will enable you to play a key role in ensuring your organization is compliant with ISO/IEC 27001:2013 Information Security Management.

ISO/IEC 27001:2013 provides the model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS to protect your information assets.

After attending this course, you will be in a position to use this model and to develop an ISMS appropriate for your organization.

This course is identical to the first three days of our ISO 27001 Lead Implementer training course.


Who should attend?

This course is intended for those who will be involved in advising top management on the introduction of ISO/IEC 27001:2013 into an organization. It is especially relevant for those who are responsible for implementing information security management in a business or who provide consultation on the subject.

Suggested job roles and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Prerequisites:

You should already understand how ISO/IEC 27001:2013 works (for delegates who do not have this, we recommend attending our Introduction to ISO/IEC 27001 course).

Learning objectives

  • How to identify a typical framework to implement an ISMS compliant with ISO/IEC 27001:2013 following the Plan, Do, Check, Act (PDCA) cycle
  • How to conduct a baseline review of the organization’s current position with regard to ISO/IEC 27001:2013
  • How to interpret the requirements of ISO/IEC 27001:2013 from an implementation perspective in the context of your organization
  • How to implement key elements of ISO/IEC 27001:2013

Course Benefits

  • Acquire expertise to support your organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001:2013
  • Develop vital processes, policies and procedures that can be put into practice effectively
  • Create the framework for your own Information Security Management System (ISMS)
  • Successful implementation will improve the protection of your organization’s private data to meet your market assurance and corporate governance needs

Next Steps

  • ISO/IEC 27001 Lead Auditor - Learn the skills necessary to conduct audits against ISO/IEC 27001 and lead audit teams in auditing information security management systems with our IRCA accredited 5-day course
  • Risk Management and Operational Planning - Learn how to develop and implement operational plans to help you identify and manage business risk with our two-day Risk Management and Operational Planning course
  • Auditing Cloud Security for STAR Certification - Led by an experienced tutor, this one-day course will help you learn how to audit cloud security for the STAR certification programme and how to apply the maturity model when auditing a provider’s security controls