ISO 27001 is an international standard prepared to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS). The adoption of an ISMS should be a strategic decision for an organization. The design and implementation of an organization's ISMS is influenced by its needs and objectives, security requirements, the processes employed and the size and structure of the organization. It is expected that an ISMS implementation will be scaled in accordance with the needs of the organization, e.g. a simple situation requires a simple ISMS solution. The ISO 27001 standard can be used by interested internal and external parties to assess conformance.
This course describes how to establish an ISMS based on ISO 27001 requirements.
Who should attend?
Managers from different departments and IT employees
Course Objectives
At the end of the course the trainees will:
- Understand what is meant by data and information
- Understand what is meant by asset, availability, integrity, and confidentiality
- Understand what is meant by information risk assessment and information security incident
- Understand what is meant by management system
- Understand the reason for implementing an ISMS
- Understand the ISMS process model
- Understand the 8 clauses of ISO 27001
- Identify the ISMS documentation requirements