Courses Details
Course Overview
ISO/IEC 27001 is recognized globally as a best practice framework for an information security management system (ISMS). It helps organizations embed resilience and protect their personal records and commercially sensitive information from business risk and vulnerabilities.

If you’ve already got an understanding of ISO/IEC 27001 and need to implement a management system then this course is for you. Most delegates on this course have already attended our ISO/IEC 27001 Requirements course and are ready to develop the knowledge to implement an effective ISMS. You will learn how best to implement the requirements, as well as how to carry out a gap assessment.
Target Audience
This course is for you if:
• You need to implement or manage a new ISO/IEC 27001 management system
• You’re part of a team involved in ISO/IEC 27001
Course Prerequisites
Must have a thorough understanding of ISO/IEC 27001
Expected Accomplishments

Upon completion of this training, delegates will be able to:

  • Explain what information security management (ISM) is
  • Explain why ISM is important to an organization
  • Describe the benefits of ISM
  • Describe the background of ISO/IEC 27001/2
  • Explain the key concepts and principles of ISO/IEC 27001:2013
  • Explain the terms and definitions used
  • Describe the main requirements of ISO/IEC 27001:2013
  • Identify a typical framework for implementing ISO/IEC 27001 following the PDCA cycle
  • Interpret the requirements of ISO/IEC 27001 from an implementation perspective in the context of their organization
  • Implement key elements of ISO/IEC 27001
Course Outline
Day 1
• What is an ISMS?
• Key terms and definitions
• Implementing a management system
• Baseline gap analysis
• Context
• Interested parties
• Scope
• Leadership

Day 2
• Planning process
• Risks and opportunities
• Support
• Operation
• Monitoring, measurement, analysis & evaluation
• Internal audit and management review
• Nonconformity, corrective action process and improvement
• Integration
• Gap Analysis - Risk Assessment

Day 3
• Cost Estimation
• Monitor and Measure
• Selection of Controls - Statement of Applicability
• Requirements and documentation
• Review
• Legal Requirements and Communication
• Information on Practical Controls
• Plan, Do, Check, Review
• Course review and questions
• Reflection and feedback