To effectively manage the threats and risks to your organization’s information, you should establish an Information Security Management System (ISMS). An ISMS based on the international standard ISO/IEC 27001 will help you to implement an effective framework to establish, manage and continually improve the security of your information. Training objectives include:

  • Understand the operative principles of an ISMS according to ISO 27001
  • Develop the necessary skills to carry out an ISO 27001 implementation project in compliance with the requirements of the standard and the guidelines of the ISO 27002 to 27005 codes of practice and other information security standards based on sectors and thematic topics.
  • Acquire the management skills of a project team to launch and maintain an ISMS
  • Lighting the candle – ISMS Setup
  • Understanding the Organization
  • Analyze the Existing System
  • Document operational artefacts (Part 1)
  • Risk Management
  • Update and define security processes
  • Transfer to Operations
  • Performance evaluation of the ISMS (Part 1)
  • Performance evaluation of the ISMS (2/2)
  • Maintain and improve the ISMS
  • Certification Process
  • Fundamental Principles of information security
  • Infosec control best practices based on ISO 27002
  • Planning an ISMS based on ISO 27001
  • Implementing an ISMS based on ISO 27001
  • Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
  • Continual improvement of an ISMS
  • ISMS internal and certification audit principles