Risk Management for IT (ISO 27001:2022)

Description

*** SGS also provide e-certificate and e-document (e-document will be provided for In-house training only). This enables learners to be free from certificate loss, to reduce storage space, and ultimately to be environmental-friendly to which SGS’s current policy is attached.***

CONTENT

• Introduction of ISMS: Information Security Management System

• Introduction of IT security awareness in Day to Day operation

• Asset Management

• Risk Management Concept

• Risk Assessment Methodology

• Risk Treatment

• Risk Monitoring

• Implementation Steps

Objectives

The aim of this course is to generally introduce delegates to the concept of Risk Management Process that is the part of core process of international standard ISO 27001: Information Security Management System. The training class will give delegates sufficient skills and knowledge to be able to establish Risk Management Process in ISMS management system. The course gives a clear overview of the concept of risk management, risk assessment methodology, risk treatment and risk monitoring.  It also includes the planning, implementation, and correcting stages of the implementation process with reference to ISO 27001:2005.  The course provides the balance between theory and interactive workshops which develop the necessary knowledge and skills to conduct the implementation of the risk management align to ISO 27001:2005 Information Security Management System.

Audience

Any individual or representative of an organization who wishes to understand the concepts of Risk Management System in term of ISO 27001:2005 Information Security Management System, Especially for who are delegated to implement ISMS system