An ISO 27001 Information Security Management System is a systematic, process-driven approach to protecting your business information. It is designed to quantify and address the risks to the business and to provide a structured approach to maintaining confidentiality and integrity within your business context. The standard supports your company in meeting the needs of your customers whilst delivering a consistent level of quality and protection.
No information security management system can achieve its potential unless the underlying principles are understood, supported by management and made part of a company's normal operating procedure, providing a foundation for companies that are interested in using the standard as the mainstay of their information security approach.
This 2-day course will cover the main principles and elements of the standard. Because of the depth of the standard and the breadth of the subject of security, it will primarily aim to familiarise delegates with the principles and provide a skeletal road map.
You will gain an understanding of:
- categorising and mitigating risk
- scoping and maintaining an Information Security Management System
- asset management
- setting up security governance and the associated roles involved
- Principles and elements of ISO 27001
- Role of the information security management representative
- How to establish information security governance within your organisation
- Asset management – how to complete an inventory
- Completion of risk assessments
- Statement of applicability
- Document requirements
There will also be a chance for questions and answers at the end of each session, with a recap at the end of the day.
Is the course right for me?
If any one of the following applies to you, then the answer is ‘YES’:
- You have been asked to be the project lead for implementing information security into your organisation using the ISO 27001 Standard
- You are interested in finding out what the information security standard ISO 27001 is and how it could benefit your company
- You are looking to extend your existing company quality management system to include information security
How will I benefit?
- You will have an increased understanding of information security management responsibilities
- You will have an increased understanding of the principles and elements of the ISO 27001 standard requirements
- You will have a better understanding of what a security management system is
- You will gain shared experiences with other delegates exploring the standard
- Training groups are small and focused, allowing for maximum input from each delegate