The information security management system (ISO 27001) foundation course gives an overview and the basics of the international standard ISO 27001. Information security, that is, the availability, security and integration of an organization's data assets, is very important for the effective implementation of all processes within the organization. Increasing developments in communication and technology have increased the importance of the security, availability and integrity of data. An information security management system established according to the international standard ISO 27001 helps organizations comply with all these requirements and, furthermore, brings many opportunities, as it is one of the efficiency standards. By ensuring less effluent, organizations will save more.
Understanding the requirements of the standard and having basic knowledge of how to implement it is always important for operating an effective information security management system. With this one-day foundation course, delegates will get basic implementation examples and will fully understand the requirements of the ISO 27001 standard.
This course aims to provide delegates who have an existing, basic knowledge of, or experience in, quality management with an understanding of the management systems approach and the requirements of ISO 27000, and to provide a basis for delegates who wish to go on to complete CQI and IRCA Certified ISMS Auditor Training courses.
Purpose and benefits of an information security management system; information security management and interrelation with the system; terms and definitions used in information security management; relationship between ISO/IEC 27001 and ISO/IEC 27002 requirements; analysis of ISO 27001:2013 requirements; objectives and controls and Statement of Applicability (SoA); ISO 14001:2015 documentation and record requirements; scope of an information security management system; information security management policy; information security management objectives; risk assessment process; risk treatment process; control objectives and controls; monitoring, measurement and analysis; improvement.
What You Will Get?
By attending this course you will be able to:
* Make decisions and evaluate alternatives for the development of an effective information security management system.
* Operate effectively within your organization's information security management system.
* Understand and evaluate the requirements of the information security management system standard ISO 27001.
* Add a new certificate to your career.
Who Should Attend?
The information security management system foundation course is particularly suitable for managers, supervisors, and individuals who have roles in the management of data assets in any organization, or anyone wishing to understand, successfully implement and evaluate the effectiveness of information security management in their organisation. It is also useful to anyone who needs an introduction to information security management or who wishes to attend other information security management courses, such as the internal auditor or lead auditor courses.
You will benefit most from this course if you have prior knowledge of the following:
Understand the Plan-Do-Check-Act (PDCA) cycle
a) Information security management
Knowledge of the following information security management principles and concepts:
Awareness of the need for information security;
The assignment of responsibility for information security;
Incorporating management commitment and the interests of stakeholders;
Enhancing societal values;
Using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
Incorporating security as an essential element of information networks and systems;
The active prevention and detection of information security incidents;
Ensuring a comprehensive approach to information security management;
Continual reassessment of information security and making of modifications as appropriate.
b) ISO/IEC 27001
Knowledge of the requirements of ISO/IEC 27001 (with ISO/IEC 27002) and the commonly used information security management terms and definitions, as given in ISO/IEC 27000, which may be gained by completing CQI and IRCA Certified ISO 27001:2013 Foundation (ISMS) Training course or equivalent.