Implementing ISO/IEC 27001:2013
Recent high-profile information security breaches and the value of information are highlighting the ever-increasing need for organisations to protect their information. An Information Security Management System (ISMS) is a controlled approach to managing sensitive company information so that it remains secure. It encompasses people, processes and Information Management Security Systems. The objective of this course is to provide delegates with the necessary skills to implement an ISMS that is compliant with the requirements of ISO 17799 and meets the certification requirements of ISO/IEC 27001. The course will provide delegates with a framework for implementation.
Who is it for?
Staff tasked with the implementation and management of an ISO/IEC 27001 information security management system
Information security consultants
The course is designed for people who have a good understanding of ISO/IEC 27001 and ISO 17799 information security management systems (attendance of Introduction to Information Security or the ISO/IEC 27001 lead auditor course is recommended).
You will learn
Background to Information Security
Determination of scope and Information Security policy
Identification of information assets
Determination of the value of information assets
Determination of risk and impacts
Identification of control objectives and controls
Definition and implementation of policies
Production and implementation of policies, standards and procedures
Completion of ISMS documentation requirements
Production of an ISMS Project Implementation Plan
Both the objective and result of the course will be the construction of an effective ISMS under the expert tutelage and guidance of a BSI tutor. Take the knowledge and skills imparted during this exercise and use them to improve and protect your business.
Training course notes
16 CPD hours