ISO 27001:2013 Foundation

Date/Time: 01/04/2019 - 02/04/2019 9:30 am - 4:30 pm

Category(ies)


Course Overview

This course enables the participants to learn about the best practices for managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013, as well as the best practices for implementing the information security controls of the eleven domains of the ISO 27002. This training also helps to understand          how ISO 27001 and ISO 27002 are linked with ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).

Prerequisites

  • No prior knowledge is required
  • and the management of its inherent risks
  • Members of information security teams
  • Trainers in information security

Course Benefits

  • Understand the structure of ISO/IEC 27001:2013
  • Understand the organization of ISO/IEC 27002:2013
  • Understand the future role of ISO/IEC 27003, ISO/IEC 27004 and ISO/IEC 27005

Who Should Attend?

  • IT Management
  • Information security officers
  • Internal auditors
  • Auditors wanting to perform and lead ISMS certification audits
  • Project managers and consultants wanting to master the ISMS audit process
  • CIO and senior managers responsible for the governance of an enterprise

 Course Contents

Day 1

  • Introduction to the management of an Information Security Management System (ISMS) based on ISO 27001 and launching an ISMS
  • Introduction to the ISO 27000 family of standards
  • Presentation of the standards ISO 27001, ISO 27002 and regulatory framework
  • Fundamental principles of Information Security
  • General requirements: presentation of the clauses 4 to 8 of ISO 27001
  • Writing the business case and preliminary design of the ISMS
  • Developing a project plan of compliance to ISO 27001
  • Certification Process

Day 2

  • ISMS Process and Crucial Steps for Implementation
  • Control Objectives & Controls of ISO 27001
  • 5 Security Policies
  • 6 Organization of information security
  • 7 Human resource security
  • 8 Asset management
  • 9 Access control
  • 10 Cryptography
  • 11 Physical and environmental security
  • 12 Operations security
  • 13 Communications security
  • 14 System acquisition, development and maintenance
  • 15 Supplier relationships
  • 16 Information security incident management
  • 17 Information security aspects of business continuity management
  • 18 Compliance

Training Info

Duration:         2 Days

Date:                  April 1 – 2,2019

Time:                9.30 am. – 16.30 pm.

Contact:          T 02 670 8980 – 3

                           E [email protected]

Course Registration

Bookings are closed for this event.

Terms & Conditions for Course Registration

Please read the following terms & conditions for course registration carefully. Upon clicking submit button, it is demonstrated that I/We understand and accept the registration and cancellation policies and procedures.

  • Full payment is required in advance prior to course commencement date.

Cancellation Policy

  • Payment is due upon registration
  • Delegates who cancel after registration, or who don’t attend, are liable to pay the full course fee and no refunds can be given
  • A replacement is always welcome

Disclaimer: ACinfotec reserves the right to change, postpone or cancel. Any part of its published programme due to unforeseen circumstances.