ISO 27001 Certification

Certifying Your People, Your Best Assests

ISO/IEC 27001

Introduction

Summary

This one-day training enables participants to be familiar with the basic concepts of the implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.

Who should attend?

  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
  • Staff involved in the implementation of the ISO/IEC 27001 standard
  • Expert advisors in IT
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Auditors

Learning objectives

  • To understand the fundamentals of information security
  • To know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
  • To know the key components of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001
  • To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
  • To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To understand the stages of the ISO/IEC 27001 certification process
 Read more from the PECB website.

ISO/IEC 27001

Foundation

Summary

This course enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013, as well as the best practices for implementing the information security controls of the eleven domains of the ISO 27002. This training also helps to understand how ISO/IEC 27001 and ISO 27002 relate with ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).

Who should attend?

  • Members of an information security team
  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
  • Staff involved in the implementation of the ISO/IEC 27001 standard
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks

Learning objectives

  • To understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001
  • To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To know the concepts, approaches, standards, methods and techniques allowing to effectively manage an Information Security Management System
  • To acquire the necessary Knowledge to contribute in implementing an Information Security Management System (ISMS) as specified in ISO/IEC 27001
Read more from the PECB website.

ISO/IEC 27001

Lead Implementer

Summary

This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects). This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of an ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who should attend?

  • Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS)
  • ISO/IEC 27001 auditors who wish to fully understand the Information Security Management System implementation process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an information security function or for an ISMS project management function

Learning objectives

  • To understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001
  • To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System
  • To understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To acquire the necessary expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
  • To acquire the necessary expertise to manage a team implementing ISO/IEC 27001
  • To develop the knowledge and skills required to advise organizations on best practices in the management of information security
  • To improve the capacity for analysis and decision making in the context of information security management
Read more from the PECB website.

ISO/IEC 27001

Lead Auditor

Summary

This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011 the certification process according to ISO 17011.Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit.

Who should attend?

  • Internal auditors
  • Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information security audit function

Learning objectives

  • To acquire the expertise to perform an ISO/IEC 27001 internal audit following ISO 19011 guidelines
  • To acquire the expertise to perform an ISO/IEC 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
  • To acquire the necessary expertise  to manage an ISMS audit team
  • To understand the operation of an ISO/IEC 27001 conformant information security management system
  • To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To improve the ability to analyze the internal and external environment of an organization, its risk assessment and audit decision-making
Read more from the PECB website.

ISO/IEC 27001

Management System

ISO/IEC 27001 Information Security Management System standard ensures organizations keep information assets secure, by building an information infrastructure against the risks of loss, damage or any other threat to your assets.

Companies that obtain ISO/IEC 27001 certification validate that the security of financial information, intellectual property, employee details, or information entrusted from third parties is being successfully managed and continually improved according to best practice approaches and framework.

Benefits of ISO/IEC 27001 certification to your organization:

  • Provides senior management with an efficient management process
  • Provides you with a competitive advantage
  • Reduces costs due to incident and threat minimization
  • Demonstrated compliance with customer, regulatory and/or other requirements
  • Sets out areas of responsibility across the organization
  • Communicates a positive message to staff, customers, suppliers and stakeholders
  • Integration between business operations and information security
  • Alignment of information security with the organization’s objectives
  • Puts forward true value through enhancement of  marketing opportunities

Benefits of ISO/IEC 27001 certification to your customers:

  • Keeps intellectual property and valuable information secure
  • Provides customers and stakeholders with confidence in how you manage risk
  • Secures exchange of information
  • Ensures you are meeting your legal obligations
  • Manages and minimizes risk exposure
  • Cost savings for rework, damages and waste

ISO/IEC 27001 certification (also known as “registration”) is a third-party audit performed by a certification body such as PECB who, upon verification that an organization is in compliance with the requirements of ISO/IEC 27001, will issue an ISO/IEC 27001 certificate. This certification is then maintained through regularly scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a tri-annual basis.

Contact us to find out how we can assist you in attaining ISO/IEC 27001 Certification.