Are you already familiar with ISO/IEC 27001:2005 and want to find out what has changed in the transition to ISO/IEC 27001:2013?
This course is particularly valuable for individuals directly involved in the planning, implementing, maintaining or auditing of an ISO/IEC 27001 Information Security Management System (ISMS).
An experienced instructor will explain the new ISO (high level) structure applied to new management systems and then through application: explain the resulting differences between ISO/IEC 27001:2005 and ISO/IEC 27001:2013, while explaining the impact of additions and amendments contained within the new international standard.
The course will also deal with the certification transition where this is applicable to your organization.
Prerequisites
You should have a good knowledge of ISO/IEC 27001:2005 and the principles of an ISMS.
Who should attend?
Anyone with ISO/IEC 27001 responsibility, including:
- Business Continuity, Risk, Information Security, IT and Operations Managers or Consultants
- Management system practitioners who will be converting to ISO/IEC 27001:2013
- Internal and external management system auditors who will be auditing to ISO/IEC 27001:2013
- People interested in finding out how ISO/IEC 27001:2013 differs from its 2005 version
What will I learn?
Upon completion of this training, participants will be able to:
- Explain the purpose and use by standard writers of Annex SL Appendix 2
- Describe in outline the framework for a generic management system
- Explain the new and revised terms and definitions
- Explain the new requirements relating to Context, Leadership, Planning and Support in Annex SL Appendix 2
- Communicate any changes in ISMS specific requirements arising as a result of transitioning from ISO/IEC 27001:2005 to ISO/IEC 27001:2013 (which has been written using Annex SL Appendix 2 as its framework)
- Explain the BSI certification transition arrangements
How will I benefit?
- Learn how to transition from ISO/IEC 27001:2005 to ISO/IEC 27001:2013
- Identify areas that need to change in your current ISMS
- Inform others about the requirements of ISO/IEC 27001:201
