Introduction
When properly implemented, an Information Security Management System (ISMS) based on the ISO/IEC 27001 standard helps organizations enhance their marketing position, organize all information security activities in a clearly defined framework, and consequently decrease the level of risk. The objective of the standard itself is to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System”.
This course gives participants ideas and awareness for implementing an Information Security Management System using the standard, which covers security issues and contains a significant number of control requirements.
Learning Objectives
At the end of the training, participants shall be able to:
- Gain awareness of the ISO/IEC 27001 security standards
- Understand the importance of security risk management
- Determine the importance of risk assessment in an organization and how to minimize risks
- Identify ways of implementing the ISMS in the current organizational set-up
Who Should Attend
- System and Software Managers
- Quality Assurance Engineers/Managers
- Quality Control Officers
- Network Administrators
- Trainers and other individuals involved with Security Risk Management
Program Duration
1 day, 8 hours
Program Outline/Course Overview
Topic 1: Introduction to Information Security
Topic 2: Introduction and Overview of ISO/IEC 27001 (ISMS)
Topic 3: Advantages and Benefits of using ISMS
Topic 4: Fundamental Principles of Information Security
Topic 5: Introduction to Management Systems and the Process Approach
Topic 6: ISO 27001 Mandatory Clauses 4 – 8
Topic 7: Implementation Phases of ISO/IEC 27001 Framework
Topic 8: Continual Improvement
Ice Breakers/ Quizzes/ Case Studies/ Workshops
Wrap-up/ Summary
Open Discussion
For a complete course outline, email trainings@gcssinc.com.