Do you know how to deliver the ITIL recommendations for Information Security Management?
Closely aligned with ISO27001, the ISO/IEC 27002:2005 standard serves as a practical guideline for all members of staff as they initiate, implement and maintain information security. An understanding of the best practice guidance as outlined in ISO27002 is essential to achieving the goals of an ITIL Service Management programme.
The ITIL security management process describes the structured integration of security in an organisation. ITIL security management is of course based on the ISO27002 best practice and its adoption in the ITIL Lifecycle provides the foundation for effective IT governance. The security management process has relations with almost all other ITIL-processes but is most associated with Service Level Management, Incident Management and Change Management.
|ISO27002 Foundation Training
The one-day Information Security Foundation based on ISO/IEC 27002 training course is designed for anyone in an organisation who is responsible for the security of information assets and directly supports the implementation of ITIL Service Management best practice.
Delegates attending the course will learn about:
- Information and data relationships (security, governance, assurance)
- Defining threats and vulnerabilities and understanding Risk Management
- Risk analysis with Impacts, Likelihood and Probability
- Required policies and an Information Security Plan
- External relationships with 3rd party organisations
- Protective marking and the relationship to Impact (Risk)
Achieve EXIN Certification
The Information Security Foundation based on ISO/IEC 27002 course is based on the EXIN Information Security Foundation syllabus and prepares delegates for the EXIN ISFS examination which is taken at the end of the day. Successful candidates will be awarded the EXIN Information Security Foundation Certificate.
Ensure your managers and staff are trained to understand their information security responsibilities.