ISO/IEC 27004:2009 Information Security Management System (ISMS) Measurement Course
The Course is based on ISO 27004 – ISMS Measurement; known as information security metrics which is an essential tool for effective ISMS development and management. This will help you to understand the information security risks you face by implementing and operating an Information Security Measurement Program.
The objective of this course is to provide delegates with the necessary skills for development and use of measures and measurement methods in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001. This includes policy, information security risk management, control objectives, controls, processes and procedures etc… The course will provide delegates with a framework for measurements program development and operation.
Who should attend?
- Staff tasked with the implementation and management of a ISO/IEC 27001 Information security management system
- Information Security Managers
- Information security consultants
What will I learn?
- Information Security Measurement Programme
- Management responsibilities
- Measurement Function
- Definition of measurement scope
- Identification of information needed
- Base measure and measurement method
- Measure selection
- Information security measurement model
- Indicators and analytical model
- Measurement results and decision criteria
- Measurement implementation and documentation
- Measurement Procedure integration
- Measurement operation
- Measurement construct examples
- Evaluation criteria; identification for the Information Security Measurement Programme
- Monitor, review, and evaluate the Information Security Measurement Programme
What are the benefits?
Both the objective and result of the course will be to measure, report and systematically improve the effectiveness of your Information Security Management Systems (ISMS) under the expert tutelage and guidance of a BSI tutor. Take the knowledge and skills imparted during this exercise and use them to improve and protect your business.
Participants who successfully complete the course will be issued a certificate by BSI