ISO 27001:2013 Information Security Management System - ISMS

Description

In this course, we look at the ISO 27001:2013 standard, regarding Information Security Management System. It is a beginner course, which provides an introduction to the standard, with explanations of all the various clauses and appropriate control measures to stay compliant, together with examples on how the standard may apply to a business. It is a good basic course to start with and build your understanding of the ISO 27001:2013 standard!

This standard is a guideline for quality business practices, part of an organisation’s Quality Management System (QMS). Specifically, it focuses on information security - be it in the form of physical, or virtual information assets. As such, it is applicable to all businesses in this day and age, where activities are increasingly digitalised.

With a proper system in place, companies are able to embrace digital transformation confidently, thereby staying current and competitive internationally.

Still, to know how to properly set up and keep this system in place, one needs to have a proper understanding of the standard, with its clauses. If you are looking to achieve this, here is a course that can help you.

---

Course Outline:

Section 1 > Introduction, history and general concepts of ISO 27001:2013

Section 2 > Clause-by-clause guidance for ISO 27001:2013

• Section 2-1 > Clause 1 to 3 + Clause 4: Context of the organisation

• Section 2-2 > Clause 5: Leadership

• Section 2-3 > Clause 6: Planning for the Food Safety Management System

• Section 2-4 > Clause 7: Support

• Section 2-5 > Clause 8: Operations

• Section 2-6 > Clause 9: Performance Evaluation

• Section 2-7 > Clause 10: Improvement

Section 2a > Clause-by-clause guidance for ISO 27001:2013 Annex A

• Section 2-8 > Annex A.5 Information security policies

• Section 2-9 > Annex A.6 Organisation of information security

• Section 2-10 > Annex A.7 Human resource security

• Section 2-11 > Annex A.8 Asset management

• Section 2-12 > Annex A.9 Access control

• Section 2-13 > Annex A.10 Cryptography

• Section 2-14 > Annex A.11 Physical and environmental security

• Section 2-15 > Annex A.12 Operations security

• Section 2-16 > Annex A.13 Communications security

• Section 2-17 > Annex A.14 System acquisition, development and maintenance

• Section 2-18 > Annex A.15 Supplier relationships

• Section 2-19 > Annex A.16 Information security incident management

• Section 2-20 > Annex A.17 Information security aspects of business continuity management

• Section 2-21 > Annex A.18 Compliance

Sections 3 > Preparation of Documentation

Section 4 > Implementation

Section 5 > Verification of your implementation

What You Will Learn!

• Introduction and general concepts of ISO 27001:2013
• Clause-by-clause guidance of ISO 27001:2013
• What applicable requirements are needed for information security?
• What documents to prepare in order to meet ISO 27001:2013?
• How to implement your Information Security Management System (ISMS)?
• How to verify your implementation to make sure you're on the right track?

Who Should Attend!

• Applicable to all businesses in this day and age with increased digitalisation
• Any companies looking to set up their ISO 27001 system or ISMS
• Professionals/Business Owners tasked with overseeing a management system meeting ISO 27001 standards
• Quality managers
• Risk managers

TAKE THIS COURSE