Course Overview
ISO/IEC 27001 is recognized globally as a best practice framework for an information security management system (ISMS). It helps organizations embed resilience and protect their personal records and commercially sensitive information from business risk and vulnerabilities.
If you’ve already got an understanding of ISO/IEC 27001 and need to implement a management system, then this course is for you. Most delegates on this course have already attended our ISO/IEC 27001 Requirements course and are ready to develop the knowledge to implement an effective ISMS. You will learn how best to implement the requirements, as well as how to carry out a gap assessment.
Target Audience
This course is for you if:
• You need to implement or manage a new ISO/IEC 27001 management system
• You’re part of a team involved in ISO/IEC 27001
Course Outline
Day 1
• What is an ISMS?
• Key terms and definitions
• Implementing a management system
• Baseline gap analysis
• Context
• Interested parties
• Scope
• Leadership
Day 2
• Planning process
• Risks and opportunities
• Support
• Operation
• Monitoring, measurement, analysis & evaluation
• Internal audit and management review
• Nonconformity, corrective action process and improvement
• Integration
• Gap Analysis - Risk Assessment
Day 3
• Cost Estimation
• Monitor and Measure
• Selection of Controls - Statement of Applicability
• Requirements and documentation
• Review
• Legal Requirements and Communication
• Information on Practical Controls
• Plan, Do, Check, Review
• Course review and questions
• Reflection and feedback