Developing Information Security Controls – an ISO 27001 Workshop

  • Course Duration: 1 day


ISO 27001 requires an organisation to develop appropriate controls for treating identified risks to information security. This is a critical activity within the process for developing an Information Security Management System (ISMS). Get it wrong and the efficacy of those controls will be flawed.

It is also one of the most challenging steps in ISMS development including the Statement of Applicability. Control objectives and controls must be developed across the span of the ISMS. This will require the co-ordinated efforts of many functions and individuals using an agreed methodology and criteria. Moreover, it is something which is entirely new and unfamiliar to most organisations.

This in-house workshop will be led by consultants who are skilled facilitators, knowledgeable in ISO 27001 and internationally experienced the development and implementation of modern management systems. Participants will be guided step-by-step through the process of developing control objectives and controls specifically for your organisation.

Please Contact Us for more information and to obtain a quotation.

Who should attend

  • Persons have been appointed to co-ordinate ISO 27001 implementation.
  • Risk managers, risk assessors and risk owners.
  • IT managers and other IT professionals.
  • Corporate governance managers.
  • Functional heads and project managers in project-based organisations.
  • Data managers and document controllers.
  • Individuals who will be directly involved in developing the ISMS within their areas of responsibility.


  • Participants will acquire the knowledge and skills to develop control objectives and controls to effectively treat risks and to be able to update information security controls over time
  • Sponsor organisations will have a capable core resource to develop and maintain one of the vital elements of the ISMS, thereby protecting the organisation from information security threats


This workshop comprises a series of tasks led and supported throughout by experienced consultants. The event will be planned and conducted according to the particular requirements of the organisation.

The aim is not only to achieve the intended deliverables but to do so in a way which is highly motivating and enjoyable for all participants

Each participant will receive a set of course notes and, on completion of the course, a certificate.

Training Course Enquiry Form

Please complete the following form in order that we can provide a proposal and quotation for in-house training. Alternatively, call us on 01722 741281.

Terms and conditions for our public courses