ISO 27001:2013 - Information Security Management Systems

The purpose of this course is to provide students with knowledge, insight and understanding of the requirements and practical activities associated with designing, implementing and maintaining an information security management system, aligned to the ISO 27001 Standard. This course will assist those seeking to better understand the standard and how to implement an ISMS practically within an organisation and to prepare for the ISO 27001:2013 certification for the organisation.

This course covers multiple information security terms and concepts, including documentation design, information security risk management principles and guidelines, and understanding the environment in which the organization operates, and the information security needs and expectations associated with that.

Target Audience

This course is for IT Managers and Compliance Professionals.

Prerequisites

Students will need an understanding of their environment and assets that are in the scope of ISO27001. Students must have the ability to take notes and create spreadsheets for data entry. An inquisitive mindset knowing the road to certification is a process that can at times be challenging, but overall rewarding. This course is for an intermediate to advanced audience who already have an understanding of cyber security governance and are looking to implement and get certified in ISO27001.

Course Goals

By the end of this course, students should be able to:

Have a detailed understanding of the ISMS clauses and what they entail.

Demonstrate knowledge of an information security risk management process.

Demonstrate knowledge of the required documentation to support an ISMS.

Demonstrate knowledge of how to monitor, measure and evaluate the performance of an ISMS through various processes.

Demonstrate knowledge of nonconformities and the continual improvement cycle.

* Better understanding of governance in the cyber security landscape