Information Security Management Systems (ISMS) Training Courses

Our digital footprint continues to expand exponentially as organizations now store more information about individuals and record our interactions. Managing how that information is stored, shared, accessed and controlled is complex, complicated to manage and prone to risk. Risk isn’t restricted to the digital domain either as breaches can occur in unexpected ways such as photographs of highly sensitive information being captured by the press and publicized, to devices with private data becoming lost or stolen. Organizations today need to be equipped to manage the security of their information or risk exposing themselves to culpability, criminality and liability. ISO/IEC 27001:2013 is the current international standard that sets out the requirements to establish, implement and continually improve an information security management system. A management system based on this standard will take into account the needs and objectives of the organization, the security requirements, the business processes, the size and structure of the organization and it can adapt to changes in these areas over time. An effective management system will also enhance stakeholder confidence when looking at a business’s ability to adequately protect its information assets. Our courses follow a structure to help you familiarize yourself with the standard in the Requirements course to learning how to implement an ISMS in an organization. To check your ISMS conforms with the standard, we can teach you how to audit or lead a team to conduct the auditing of it. We also have courses for individuals and lead auditors handling the transition from the previous version of the standard, ISO/IEC 27001:2005 to the current version, ISO/IEC 27001:2013.


Training courses

Practical Information Security and Risk Assessment Training >

A security risk assessment and audit (SRAA), privacy impact assessment (PIA) and privacy compliance audit (PCA) is a systematic assessment of a project that identifies the impact that the project might have on the security risk and privacy of individuals, and sets out recommendations for managing, minimising or eliminating that impact. It’s definitely helpful for implementing ISO 27001 as well as ISO 27701 to facilitate information and privacy security.

HK$3500

1 day course│ Now available online