This 3-day course provides an in-depth look at how a formal information security management system (ISMS) should be using an international benchmark – ISO/IEC 27001 by presenting the requirements of ISO 27001 as well as the 14 security control domains. This course discusses in depth the risk management approach to implementing ISO 27001. Through a risk management framework, the process of selecting controls become structured and aligned with the business needs.