This one-day course promises to deliver an overview of the benefits and purpose of an information security management system (ISMS), and generates an understanding of the advantages of implementing ISO 27001:2013 requirements and gaining certification.
Delivered by our information security experts, the ISO 27001:2013 requirements are reviewed in detail, along with the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS.
By helping you to develop an information security infrastructure, this course is a great precursor to implementing ISO 27001:2013 requirements and to developing your knowledge should you wish to attend LRQA’s ISO 27001 Internal and Lead Auditor training courses.
Benefits of attending
If you are new to ISO 27001 and responsible for managing your organization’s data and information, LRQA’s Introduction to ISO 27001 requirements course aims to provide:
- ISO 27001 Requirements. The overall aim of this course is to provide you with the basic principles of the standard and an overview of the plan-do-check-act (PDCA) cycle, and it aims to address all elements of the planning stage.
- Risk assessment. During this course we will address the design, deployment and review of the risk assessment methodology. You will be provided with an overview of a basic approach to risk assessment that will enable you to understand the overall concept and intended outcomes.
- Case study approach. Supported by a case study, this course will help you to identify assets, risk owners, threats and vulnerabilities, business impacts and the likelihood of a risk occurring.
- Implementation of controls. This course will also explore the implementation of controls to help you identify any gaps in your existing controls and address the controls within Annex A of the standard.
- CIA requirement. Providing further understanding of the CIA requirement, this course addresses the subjects of confidentiality, integrity and availability of information to enable you to fully understand the importance of these when assessing risks and implementing controls.
Who should attend?
Attend this course if you are responsible for keeping your organization’s information safe, whether that is for data management and protection, IT services, human resources, financial and accounting records or, put simply, any business area that interacts with stakeholder data and information.
What will I learn?
- Benefits and purpose of an ISMS
- Purpose and intent of ISO 27001
- Processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS
- How to develop an information security infrastructure
- Develop an understanding of the requirements needed for ISO 27001 certification