This one-day training enables participants to be familiar with the basic concepts of the implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.
Who should attend?
- IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
- Staff involved in the implementation of the ISO/IEC 27001 standard
- Expert advisors in IT
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
- To understand the fundamentals of information security
- To know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
- To know the key components of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001
- To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
- To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- To understand the stages of the ISO/IEC 27001 certification process