Description
This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement. During the five-day training, you will learn the importance of an ISMS and develop skills to implement the requirements. You will leave knowing how to undertake a gap assessment and will have gained awareness of management tools and techniques.
Who should attend?
- Managers or consultants involved in and/or concerned with the implementation of an information security management system in an organization
- Project managers, consultants, or expert advisers seeking to master the implementation of an information security management system; or individuals responsible to maintain conformity with the ISMS requirements within an organization
- Members of the ISMS team
Course Objectives
- Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001.
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an implementer.
- Initiate and plan the implementation of an ISMS based on ISO/IEC 27001, by utilizing PECB’s IMS2 Methodology and other best practices.
- Support an organization in operating, maintaining, and continually improving an ISMS based on ISO/IEC 27001.
- Prepare an organization to undergo a third-party certification audit.
The benefits
- The internal audit process will benefit from auditors who have received the proper training.
- Conformance to the Information Security Management Systems Standard
- Continual improvement of processes with the organisation.
- Identification of key areas of interest to Certification Bodies as the training covers the objectives of the certification criteria as well as processes, policies, and procedures.
Modules
- Introduction to information security management
- Key changes in ISO 27001:2013 vs ISO 27001:2022
- The ISO 27000 series of standards
- Explain the history and development of ISO/IEC 27001
- Describe what an Information Security Management System (ISMS) is
- Benefits of an ISMS
- Identify key concepts, principles and structure
- Identify the main requirements of ISO/IEC 27001
- Explain key elements of a management system implementation process
- Identify a typical framework for implementing ISO/IEC 27001 following the PDCA cycle
- Conduct a base line review of the organizations current position with regard to ISO/IEC 27001
- Interpret the requirements of ISO/IEC 27001 from an implementation perspective in the context of their organization
- Implement key elements of ISO/IEC 27001
- Identify the leadership skills, based on best practice, to lead the implementation of an ISO/IEC 27001 Management System
- Complete the Lead Implementer ISO/IEC 27001 Certificate Exam
Certification
- Certificate of Attendance
- Certificate of Competency
Assessment
There will not be an assessment at the end of the course for traditional classroom training however the following applies for eLearning:
- Delegates have to complete the assessment with a minimum score of 60% to receive a Certificate of Competence.
- Delegates who score between 50% and 59% will get a second attempt at the assessment.
- If you fail the second attempt, will need to repurchase the course.