Masterclass: ISO/IEC 27001 Information Security Management Systems

This masterclass will provide you with the knowledge and skills to implement, maintain and improve the more technical aspects of an information security management system (ISMS) based on ISO/IEC 27001:2013.

Using short presentations, discussions, self-reflection and classroom activities, this masterclass will delve into deeper technical areas, requirements and concepts than would be covered in an ISO/IEC 27001:2013 Lead Implementer training course.

An expert BSI tutor will be on hand to facilitate discussions and draw out insights and experiences from the class. This will bring to life the concepts for designing and maintaining an ISMS to achieve sustained success. It will enable you to maximize the applicability of your learning from the masterclass to your workplace.

The masterclass will cover the context of the organization and integration with business processes. The value of information is rising, and organizations are expected to act to protect it.

To address this, an ISO 27001 information security management system (ISMS) can be managed and improved by organizations in various industries all around the world. To establish, manage and maintain a robust ISMS, competent staff are vital in enabling information security resilience.

Our ISO/IEC 27001:2013 masterclass is designed for information security professionals seeking to further develop in their information security journey. You’ll have the chance to critically appraise processes, hands-on, and take away sound knowledge of ISO 27001, the ISMS framework, and how best to apply this.

Who should attend?

This masterclass is for anyone involved in the detailed technical management and improvement of an ISMS based on ISO/IEC 27001:2013. It is suitable for many roles including:

  • Information security professionals to gain new perspectives in ISMS practices
  • Consultants who have a desire to take their information security knowledge to an advanced level
  • Information security professionals who oversee the management of an ISMS

Please note: If you’re more interested in the process of implementation, you will find our Implementation course more appropriate. If you’re leading an implementation team and want to learn about the requirements, process and project management aspects of the implementation of an ISMS, our Lead Implementer course is more suitable.

What will I learn?

You’ll have the knowledge to:

  • Communicate more challenging ISMS requirements in detail, using supporting standards as applicable
  • Identify information security risk management processes
  • Explain differences, relationships and use between ISO/IEC 27001 and ISO/IEC 27002 (Information technology - Security techniques - Code of practice for information security controls)
  • Detail the key concepts and implementation guidance of ISO/IEC 27002
  • Explain how guidance standards ISO/IEC 27005 (Security techniques - Information security risk management) and ISO/IEC 27004 (Monitoring, measurement, analysis and evaluation) are used in an effective ISMS


You’ll have the skills to:

  • Ascertain and monitor legal requirements
  • Determine likelihood and consequence scales
  • Generate a risk management procedure and conduct information security risk management
  • Select and implement ISO/IEC 27002 clauses as controls
  • Establish information security objectives
  • Develop monitoring and measurement tools
  • Generate a statement of applicability (SoA)

How will I benefit?

This masterclass will help you to:

  • Gain an understanding of effective information security management throughout an organization, and therefore protection of your organization’s information (through integrity, confidentiality and availability) and those of your interested parties
  • Gain hands-on experience of the key requirements of ISO 27001, in alignment with best practices and templates used in various implementation projects
  • Advance your level of knowledge and skills on ISMS management
  • Explore different perspectives of managing an ISMS which can lead to increased effectiveness and efficiency of your current ISMS

What is included?

Masterclass: ISO/IEC 27001 Information Security Management Systems training material. 

Course resources

Course guide (PDF)