This course takes participants step-by-step through a process for developing an Information Security Management System (ISMS) in line with ISO 27001. Explanations will be given in clear, practical ways which will help to remove the complexity associated with the subject of information security management.
Training applies accelerated learning techniques in a series of practical, team-based workshops.
Who should attend
- Persons who have been appointed to co-ordinate ISO 27001 implementation and need to know how the task should be managed to make it successful.
- Risk managers, compliance managers, corporate governance managers, functional heads, project managers and IT professionals who wish to obtain a more detailed understanding of ISO 27001’s requirements and the practical means of putting an ISMS in place which fits their organisation.
- Individuals who will be directly involved in developing the ISMS within their areas of responsibility.
- Participants will have a clear and practical understanding of how to plan and undertake Information Security Management System development in line with ISO 27001 requirements.
- Sponsor organisations will have employees in key roles with the knowledge to enable ISO 27001 to be implemented, and buy-in based on an understanding of the potential benefits.
- Purpose and logical structure of ISO 27001
- Opportunities for reducing current and future threats to information security
- Interpreting ISO 27001 requirements for your organisation
- Scoping and planning the ISMS and planning the ISO 27001 Initiative
- Creating the Information Security Policy
- Identifying and analysing information security risks
- Determining appropriate strategy and measures for treating risk
- Developing information security management processes and controls
- Developing the Statement of Applicability
- Determining and defining security objectives
- Determining roles, responsibilities and authorities within the ISMS and the Initiative
- Planning and implementing communications relevant to information security
- Evaluating information security performance and effectiveness of the ISMS
- Integrating the ISMS within the business and ensuring a harmonious fit with other business processes
- Ensuring first-time certification to ISO 27001
This 3-day course comprises a series of interactive tutorials, discussions and practical exercises. Each participant will receive a set of course notes and, on completion of the course, a certificate.