This course will provide a basic overview and background to information security before fully exploring the requirements of ISO 27001. By helping you to identify your assets and determine the risks to these assets and their potential impact, this course will help you to implement a robust ISMS to protect and enhance the future performance of your organization.
This three-day course complements LRQA’s ‘Introduction to ISO 27001:2013 requirements’ course. It is the perfect course for those organizations that need to start implementing an information security management system (ISMS) that conforms to ISO 27001:2013 requirements.
Benefits of attending
- Successful implementation of ISO 27001. By providing you with a better understanding of how it can be implemented, this course will explain the required clauses of the standard so you fully appreciate what is essential to ensure its successful implementation.
- Practical workshops. This course uses workshops that ask you to implement ISO 27001 requirements, enabling you to share ideas and experiences with other delegates, which you can then apply within your organization.
- Risk assessment and controls. Demonstrating how the context of the organization, the needs and expectations of interested parties and the scope of the system will influence the risk assessment approach and implementation of controls, this course will enable you to develop ISMS objectives and address how the system will be measured to ensure its success.
- Top management. Gaining top management’s commitment and buy-in is imperative to the success of your ISMS. This course will address the various approaches you can take and provide you with help and advice to enable you to find the best solution for your organization.
Who should attend?
Attend this course if you are responsible for managing your organization’s information security and have been tasked with implementing an ISMS certified to ISO 27001.
What will I learn?
- How to define the scope of an ISMS
- The identification of assets relative to the scope
- How to apply values to the above assets
- The determination of risk to the assets and their potential impact
- The identification of the appropriate controls
- How to determine and produce applicable policies and procedures
- How to identify awareness training
- An understanding of the certification process