
Description
This course is an introduction for anyone involved in the development, implementation and management of an information security management system based on ISO/IEC 27001.
The course will benefit those planning to complete other Information Security Management Systems training, for internal auditing and the Lead Auditor Course, as it provides a strong basis of knowledge and understanding of ISO/IEC 27001 upon which to build auditing skills.
This course comprises sessions and workshop exercises.
Before beginning this course, we recommend that delegates have knowledge of the following:
1. Management Systems - In particular, an understanding of the Plan-Do-Check-Act (PDCA) cycle.
2. Information Security Management - A basic knowledge of the concepts of information security management and an understanding of commonly used information security management terms and definitions, as given in ISO/IEC 27000.
Objectives
By the end of this course, participants will be able to:
- Explain the purpose and business benefits of an information security management system
- Outline the structure and content of ISO/IEC 27001 and its relationship with ISO/IEC 27000 and ISO/IEC 27002
- Explain the specific information security management-related requirements of ISO/IEC 27001:2013
