ISO/IEC 27001:2013 Information Security Management Systems: Implementation
Recent high-profile information security breaches and the value of information are highlighting the ever-increasing need for organizations to protect their information. An Information Security Management System (ISMS) is a controlled approach to managing sensitive company information so that it remains secure. It encompasses people, processes and Information Management Security Systems.
The objective of this course is to provide delegates with the necessary skills to implement an ISMS that is compliant with the requirements of ISO 27002 and meets the certification requirements of ISO/IEC 27001. The course will provide delegates with a framework for implementation.
Who should attend?
- Staff tasked with the implementation and management of an ISO/IEC 27001 information security management system
- Those with information security responsibility
- Anyone working within information security, including consultants
What will I learn?
Upon completion of this training, delegates will be able to:
- Explain what information security management (ISM) is
- Explain why ISM is important to an organization
- Describe the benefits of ISM
- Describe the background of ISO/IEC 27001/2
- Explain the key concepts and principles of ISO/IEC 27001:2013
- Explain the terms and definitions used
- Outline the main requirements of ISO/IEC 27001:2013
- Identify a typical framework for implementing ISO/IEC 27001 following the PDCA cycle
- Interpret the requirements of ISO/IEC 27001 from an implementation perspective in the context of their organization
- Implement key elements of ISO/IEC 27001
How will I benefit?
- Gain an understanding of effective information security management throughout an organization, and therefore of how to protect your information (through integrity, confidentiality and availability) and that of your interested parties
- Create the framework for your own Information Security Management System (ISMS)