About this course

ISO 27799 provides guidelines for organizational information security standards and Information Security Management practices, including but not limited to the selection, implementation and management of controls, taking into consideration the organization's Information Security risk environments. The standard supports the implementation of information security controls in healthcare organizations based on ISO/IEC 27002.

By following the guidelines of this international standard, healthcare organizations will be able to maintain a level of security that is suitable to their conditions and that helps to ensure the availability, integrity and confidentiality of their personal health information. In short, ISO 27799 serves as a tool to protect personal health information.

Learning objectives

  • Understand the implementation of Information Security Controls in accordance with ISO 27799 and ISO/IEC 27002
  • Acknowledge the correlation between ISO/IEC 27001, ISO 27799, ISO/IEC 27002 and other standards and regulatory frameworks
  • Understand the approaches, methods and techniques used for the implementation of Information Security Controls in healthcare organizations

Course benefits

The PECB ISO 27799 Certificate will prove that you have:

  • Understood the implementation of Information Security Controls in healthcare organizations by adhering to the framework and principles of ISO 27799.
  • Understood the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance and human behavior.
  • Gained the necessary skills to support a healthcare organization in implementing and managing the ongoing Information Security controls based on ISO 27799.
  • Acquired the competences to perform periodic risk assessments in a healthcare organization.
  • Enhanced your ability to help healthcare organizations play an active and important role in the protection of their patients' personal health data.
  • Gained the necessary knowledge to improve Information Security in healthcare organizations.

Who should attend?

  • Individuals interested in Information Security Management applicable to the healthcare industry
  • Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls relevant to healthcare organizations
  • Individuals interested in pursuing a career in Information Security Management

Course agenda

Day 1:  Introduction to ISO 27799, ISO/IEC 27002 and Information Security Management System
Day 2:  ISO 27799 and ISO/IEC 27002 Controls and Certification Exam