ISO/IEC 27001 provides a model for developing, implementing, maintaining and continually improving an Information Security Management System (ISMS). Information is one the most valuable assets an organisation posses. No organisation could function without security of its information and IT systems.
Information comes in many forms: electronic, printed copy, photographic and verbal. It includes organisations’ own information and that which comes from customers, suppliers and other stakeholders.
Increasingly, ISO 27001 is being adopted globally in all sectors by organisations large and small to combat fraud, prevent intentional and unintentional loss of information and to deter corruption. Investors in national and overseas markets see ISO 27001 certification as a valuable asset. The UK Information Commissioner’s Office (ICO) has recommended that an ISMS based on ISO 27001 as a means of demonstrating compliance with the Data Protection Act 1998.
This brief is designed to be delivered in-house. It will give management a clear understanding of how ISO 27001 offers a robust solution for ensuring compliance with current and future regulatory requirements by establishing a permanent system and culture for information security management.
Who should attend
Managers who wish to obtain a clear understanding of how intelligent implementation of ISO 27001 can ensure that their organisation has the means to manage current and future threats to information security. Afterwards, they should be able to discuss and answer the questions “Is ISO 27001 right for us?” and “Would ISO 27001 certification add still more value to our business?”.
- Attendees will have a clear understanding of the intent and structure of the ISO 27001 and how it enables top management to fully meet their duty of care obligations and enhance competitiveness.
- The knowledge gained will enable them to make informed decisions about the implementation of ISO 27001 in their organisation.
- The nature of threats to information security and why traditional approaches , including insurance do not offer adequate protection
- Reasons for global adoption of ISO 27001 and its impact on international trade
- Purpose and scope of ISO 27001
- Structure of ISO 27001 and its rationale
- Implementing ISO 27001 in a way which tailors the ISMS for your organisation
- Demonstrating effective information security management to regulators, customers and other stakeholders
- Achieving ISO 22301 certification and using it to competitive advantage
This half-day brief comprises an illustrated presentation and discussion relevant to the organisation’s business. Each participant will receive a written summary.
Terms and conditions for our public courses