ISO 27002 training helps managers implement best-practice information security controls


Ely, England, 6 September 2011IT Governance Ltd, the global leader in ISO 27001 information, standards, books, tools and training, has reported that the next Information Security Foundation based on ISO/IEC 27002 training course, is the last one for this year, and will take place on 20th September in London. The course delivers a comprehensive education in ISO 27002 best practice and a recognised industry standard certification awarded by EXIN.

In close alignment with ISO 27001, the ISO/IEC 27002 Code of Practice serves as a practical guideline for all members of staff as they initiate, implement and maintain information security. It lays out a set of suggested controls to address information security risks, covering confidentiality, integrity and availability aspects. The ISO/IEC 27002 guidelines can be seen as complementing COBIT. Being an IT governance control framework, COBIT helps organisations to align IT strategy with organisational goals. However, COBIT does not supply a ‘how-to’ route map to information security. This is ably provided by the ISO 27002 Code of Practice.

On the other hand, ITIL security management is based on the ISO 27002 best practice and its adoption in the ITIL Lifecycle provides the foundation for effective IT governance. The security management process has relations with almost all other ITIL-processes but is most associated with service level management, incident management and change management.

Managers of organisations that are adopting the COBIT IT governance framework and/or the ITIL Suite of service management best practice, will benefit particularly from understanding the ISO/IEC 27002 guidelines and therefore should consider professional training.

The one-day Information Security Foundation based on ISO/IEC 27002 training course is designed for anyone responsible for the information assets within an organisation. Delegates will learn more about information security plans and how to define threats and vulnerabilities and to manage risks. Risk analysis with an understanding of impacts, likelihood and probability is another key focus of the course.

Organisations can book delegates onto this course online here Course places can also be booked directly with the friendly, helpful IT Governance service centre team on telephone number +44 (0)845 070 1750. Larger organisations can make bookings or purchases with a purchase order either by telephone or by e-mail to  We also welcome overseas delegates on all our courses and can provide guidance on travel and hotel arrangements.

This website uses cookies. View our cookie policy