Course Overview
ISO/IEC 27001 is recognized globally as a best practice framework for an information security management system (ISMS). It helps organizations embed resilience and protect their personal records and commercially sensitive information from business risk and vulnerabilities.
In this one-day course, our trainer will explain the requirements of ISO/IEC 27001:2013 to help you understand how it could apply to your organization and the potential benefits of adopting it.
The requirements course will also help you understand how the standard works in preparation for attending the internal and lead auditing training courses.
Target Audience
- Any individual requiring a working knowledge and understanding of the ISO 27001 standard
- Security Professionals/Consultants
- IT security officers
- Internal/External auditors
- ISO Coordinators/Management Representatives
Course Objectives
- Understand information security management definitions, concepts, and guidelines
- Understand the purpose of the ISO 27000 series of standards
- Understand the requirements of the ISO 27001:2013 standard
- Understand the structure of an Information Security Management System
- Understand how to evaluate conformity to requirements
Course Prerequisites
A prior review of the ISO 27001:2013 and ISO 27002:2013 standards and knowledge of information security practices are suggested for this course.
Expected Accomplishments
• Be confident in explaining the importance of an ISMS
• Gain an understanding of the main ISO/IEC 27001 requirements and how to start to apply them within your business
• Develop professionally
• Network with like-minded peers
Course Outline
- What is information security management (ISM)
- Why ISM is important to an organization
- What are the benefits of ISM
- What is the background of ISM
- What are the key concepts and principles in ISO/IEC 27001:2013
- The terms and definitions used
- The main requirements of ISO/IEC 27001:2013