This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects). This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of an ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).
Who should attend?
- Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS)
- ISO/IEC 27001 auditors who wish to fully understand the Information Security Management System implementation process
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
- Members of an information security team
- Expert advisors in information technology
- Technical experts wanting to prepare for an information security function or for an ISMS project management function
- To understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001
- To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System
- To understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- To acquire the necessary expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
- To acquire the necessary expertise to manage a team implementing ISO/IEC 27001
- To develop the knowledge and skills required to advise organizations on best practices in the management of information security
- To improve the capacity for analysis and decision making in the context of information security management