ISO27001
Training
Online
Description
- Type: Training
- Level: Intermediate
- Methodology: Online
- Duration: Flexible
- Start date: Different dates available
- Online campus: Yes
- Delivery of study materials: Yes
- Support service: Yes
- Virtual classes: Yes
ISO 27001 is an information security standard, part of the ISO/IEC 27000 family of standards, of which the last version was published in 2013. There have been a few minor updates since then, mainly because it is constantly changing and, first of all, because of GDPR. It is published by the International Organisation for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.
The standard specifies a management system that is intended to bring information security under control, while managing the process. ISO 27001 gives specific requirements to organisations, and businesses that meet the requirements may be certified by an accredited certification body following a successful audit. As a result of this need, 2414 began the process of becoming certified as an ISO 27001 training provider.
About this course
This is an extensive course that covers all the areas of ISO 27001 and provides useful case studies, examples, tables and diagrams. You will also have evidence to support your learning and understanding of Information Security Management Systems. The course is ideal if you are the compliance manager or have been tasked with working with an auditor to achieve ISO 27001 for your organisation. It is also a great course if you are looking to further your career.
Anyone supporting the implementation, operation or maintenance of an ISMS within an organisation, similarly a CIO or CISO.
An individual required to audit an ISMS and to have a basic understanding of the standard.
Someone working within an organisation with an ISMS, whether the organisation is already certified or is considering certification to ISO 27001.
Anyone preparing for the ISO 27001 Practitioner – Information Security Officer qualification.
Compliance Manager, IS Manager, Security Manager, CIO, CISO
Foundation – Recommended reading
Practitioner – Foundation Level Certification
ISOF – ISO 27001 Foundation
ISOP – ISO 27001 Practitioner
Subjects
- Risk
- Audit
- ISO
- International
- IT risk
- ISO 27001
- ISMS
- Processes
- Scope
- Security risks
- Terminology
Course programme
- The scope and purpose of ISO 27001 and, above all, how it can be used.
- Key terms and definitions used in the ISO 27000 series.
- Essential requirements for an ISMS and the need for continual improvement.
- The processes, their objectives and high level requirements.
- Applicability and scope definition requirements.
- Use of controls to mitigate Information Security risks.
- The purpose of internal audits and external certification audits, their operation and the associated terminology.
- The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.
- Creating the ISMS policy and its security scope, objectives, and processes within the organisation.
- Applying the principles of risk management including risk identification, analysis and evaluation. Propose appropriate treatments and controls to reduce information security risk. This will, as a result, support business objectives and also improve information security.
- Analyse risk treatments and controls to assess their effectiveness and, consequently, identify opportunities for continual improvement.
- How to analyse and evaluate the effectiveness of the ISMS using an internal audit and management review to continually improve its performance.
- Create, apply and evaluate the suitability, adequacy and, therefore, effectiveness of procedures and records required by ISO 27001.
- Identify and apply appropriate corrective actions to maintain ISMS conformity with ISO 27001.