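ISO/IEC 27001 is the international standard for an organization's information security management system (ISMS), and it is the most respected and closely followed set of information security management requirements and implementation framework internationally. As the original creator of the ISO/IEC 27000 series of standards and an authoritative certification body, BSI has accumulated extensive experience in interpreting the standard and in audit practice.
Establishing an information security management system in line with the requirements of ISO/IEC 27001 can effectively protect the organization's information resources, support the secure conduct of business, and achieve management compliance in the field of information security.
The goal of this course is to familiarize learners with the content of the new ISO/IEC 27001:2022 standard, to understand how to transition effectively to ISO/IEC 27001:2022, to understand how to implement and audit the requirements and controls newly added in ISO/IEC 27001:2022, and to be able to monitor and audit the management system. The course gives learners practical help, complete knowledge, and the skills needed to carry out internal audits and second-party audits (of suppliers or subcontractors).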
This course reviews how the standard has been updated from ISO/IEC 27001:2013, what the key differences are, and how an organization may implement and audit these changes.
This on-demand eLearning course will provide the knowledge required to update and manage your information security management when certifying to ISO/IEC 27001:2022.
ISO/IEC 27001 qualified implementers and auditors or those with equivalent knowledge and experience. Suggested job roles include:
- Those responsible for implementing and managing an information security management system
- Those with responsibilities for auditing their information security management system
You can study in your own time when it suits you, and you can access the course from any internet-enabled device 24/7.
- Learn how to effectively transition your organization's existing ISMS to ISO/IEC 27001:2022
- Gain an understanding of the new Annex A controls and how ISO/IEC 27002:2022 can support them
- Understand how, as an internal auditor, to audit the changes to the management system and the updated and new Annex A controls
- Understand the transition timeline and what you need to do to prepare