This 5-day intensive course enables the participants to develop the expertise to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. Participants will also master the best practices for implementing information security controls from the eleven areas of ISO/IEC 27002:2005. This training is consistent with the good practices of project management established by the Project Management Institute (PMI) and ISO 10006:2003 (Quality Management Systems - Guidelines for Quality Management in Projects). This training is fully compatible with ISO/IEC 27003:2009 (Guidelines for the Implementation of an ISMS), ISO/IEC 27004:2009 (Measurement of Information Security) and ISO/IEC 27005:2008 (Risk Management in Information Security).
Learning Objectives
- Understanding the application of an Information Security Management System in the ISO/IEC 27001:2013 context
- Mastering the concepts, approaches, standards, methods and techniques allowing effective management of an Information Security Management System
- Understanding the relationship between an Information Security Management System, including risk management and controls and compliance with the requirements of different stakeholders of the organization
- Acquiring expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001:2013
- Acquiring the expertise necessary to manage a team in implementing the ISO/IEC 27001:2013 standard
- Developing personal skills and knowledge required to advise organizations on best practices in management of information security
- Improving the capacity for analysis and decision making in a context of information security management