
Description
Our popular ISO 27001 standard interpretation course has just been “upgraded”. This two-day “ISO/IEC 27001:2013 STANDARD INTERPRETATION AND REQUIREMENT TRAINING” course covers the latest version (2013) of the ISO/IEC 27001 standard. It is ideal for information security practitioners at all levels, from internal auditors to top management, who would like a detailed explanation of the intention and meaning of each clause in the Standard.
COURSE OUTLINE:
- Introduction of Information Security Management System
- Process-based ISMS
- Interpretation of ISO/IEC 27001:2013 requirements
- Changes in the requirements and their implications
- Risk assessment process & method
- High Level Structure
- New “Annex A” controls
- Removed “Annex A” controls
PROFESSIONAL TRAINER:
Mr. Chris YAU
Senior Manager, Products and Services Development, SGS Approved Tutor
He is an EuroCloud-Star Auditor and Trainer, Certified CSA STAR Auditor, RABQSA registered ISO/IEC 27001 Lead Auditor, Certified Information Security Auditor (CISA) and Certified Information Security Manager (CISM) with over 15 years of security-related audit and teaching experience including information security in both manufacturing and IT sectors, cargo and freight security. He is also a lead auditor in ISO 9001, ISO 14001, ISO 28000, and ISO 20000.
Ms. Rani LUI
IT Product Manager, HK and Macao Area
She is an ISO/IEC 27001 and ISO 9001 Lead Auditor, a Certified Information Security Auditor (CISA) and a Certified Data Centre Professional (CDCP). She has been managing and auditing data centres since 2008.
(SGS Hong Kong Ltd. reserves the right of final tutor arrangement)
CERTIFICATION (Attendance: 80%):
Delegates who successfully complete the course will be issued a certificate by SGS Hong Kong Limited.
GENERAL INFORMATION:
Venue: T.S.T. / Wan Chai / Sheung Wan Training Centre / TBC
Medium: Cantonese supplemented with English material
*Early Bird Price will be offered to participants whose enrolment is made one month prior to the course or through online booking
Objectives
1. Appreciation of the need for an information security management system
2. Knowledge of
• Annex SL and High Level Structure
• ISO 27001:2013 requirements
• Risk assessment process
3. Familiarity with Annex A controls
Audience
Those requiring an introduction to and explanation of ISO 27001:2013, especially those involved in the design, implementation and management of an ISMS.
