Course Overview
This course teaches participants the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2005, as well as the best practices for implementing the information security controls of the eleven domains of ISO 27002. The training also helps participants understand how ISO 27001 relates to ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).
Course Outline
- Understanding the implementation of an Information Security Management System in accordance with ISO 27001
- Understanding the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- Knowing the concepts, approaches, standards, methods and techniques needed to manage an Information Security Management System effectively
- Acquiring the necessary knowledge to contribute to implementing an Information Security Management System (ISMS) as specified in ISO 27001
Learning Objectives
- You will gain knowledge of the concept, importance and reliability of information.
- You will learn about the types of risks, threats and damages, and the available risk strategies and the security measures you can take.
- You will gain insight into security policy and organization, including the code of conduct, ownership, and roles and responsibilities. You will also learn how to manage security incidents.
- You will learn about the various security measures:
  - Physical measures such as identity passes and finger scans.
  - Technical measures such as cryptography, and you will learn how to deal with attacks such as phishing, spam and malware.
  - Organizational measures you can take such as access management and Business Continuity Management.
- You will become aware of the most important legislation and regulations.
Target Audience
- Members of an information security team
- IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
- Staff involved in the implementation of the ISO 27001 standard
- Technicians involved in operations related to an ISMS
- Auditors
- CxOs and senior managers responsible for the IT governance of an enterprise and the management of its risk
Exam Details
Examination Duration | 60 Mins |
Type of Examination | Multiple Choice |
Total Questions | 40 |
Passing Mark | 26 (65%) |