Meeting the modern challenge of information security is an issue that every organisation needs to take seriously. In the media we consistently hear of cyber attacks, data security issues and organisations' failure to comply with legal and regulatory requirements.
ISO27001 is a structured, technology-neutral, vendor-agnostic specification and code of practice for information security management in organisations of all sizes. It should be adopted by an organisation as part of their overall risk management strategy.
The course is based on Alan Calder & Steve Watkins’ books, ISO27001/ISO27002 a Pocket Guide, and An Introduction to Information Security and ISO27001. This course enables delegates to understand the key concepts of ISO27001, including its relationship with ISO27002.
- What is ISO27001?
- Using ISO27001 with ISO27002
- The drivers for adopting ISO27001
- The ISMS Standards – what they are and why they are important
- What certification means
- Information Security – and why it is important
- Management commitment – why it is crucial to the success of an ISO27001 project
- Implementing ISO27001 and Project Management
- How ISO27001 helps meet legal, regulatory and contractual compliance objectives
- How ISO27001 can help increase user productivity and reduce IT problems
- Risk Assessment and Security Controls
There are no formal entry requirements for this course. This course is designed to provide a comprehensive introduction to information security management. This course is an essential pre-qualification for our ISMS Implementation Master Class.