Description
This 3-day course provides an in-depth look at how a formal information security management system (ISMS) should be using an international benchmark – ISO/IEC 27001 by presenting the requirements of ISO 27001 as well as the 14 security control domains. This course discusses in depth the risk management approach to implementing ISO 27001. Through a risk management framework, the process of selecting controls become structured and aligned with the business needs.
Objectives
At the end of this course, participants should be able to:
- Establish a clear strategy for managing Information Security in your organization
- Understand the different dimensions of Information Security as a core business concern
- Describe the true business benefits of implementing an ISMS
- Understand what is information security and its components
- Comprehend the risk management requirements of ISO 27001
- Perform a risk assessment on your own
- Identify the assets you are protecting and determine their value to your organization
- Develop approaches and methodologies for assessing and treating risks
- In-depth understanding of the 114 controls in ISO 27001 and ISO 27002
Audience
- Senior Managers tasked to implement information security
- Security Officers (IT Security, Physical Security)
- Line/Functional/Process Managers (QMR, EMR, MIS, HR, etc)
- Process owners and process performers
Classroom 3 Days
40252244