This two-day course is delivered by our information security experts and aims to give you an overview of the benefits and purpose of an information security management system (ISMS). The requirements are reviewed in detail, along with the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS.
You will learn how to protect your organisation from a breach in information security and understand the advantages of implementing ISO 27001:2013 requirements and gaining certification.
Program
- Benefits, purpose and processes involved in managing an ISMS
- Purpose, intent and understanding of the requirements for ISO 27001 certification
- Basic principles of the standard and an overview of the (PDCA) cycle
- The basic approach to risk assessment
- To develop an information security infrastructure
- To identify assets, risk owners, threats, vulnerabilities and business impacts
- To identify any gaps in your existing controls and address the controls within Annex A of the standard
- The subjects of confidentiality, integrity and availability of information and the importance of these when assessing risks and implementing controls
- The design, deployment and review of the risk assessment methodology.
What do you need to prepare for this course?
- Knowledge about the types of data held by your organisation and the methods used to store and process this data.
- A good knowledge of the English language is required for this course.
Target audience
Individuals working for any business area that interacts with stakeholder data and information as data management and protection, IT services, human resources and financial & accounting.
A good knowledge of the English language is required for this course.