Introduction to the implementation of an Information Security Management System (ISMS) based on ISO 27001

Summary

This one-day training enables participants to be familiar with the basic concepts of implementation and management of an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2013. The participant will learn the different components of an ISMS, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.

Who should attend?

• IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
• Staff involved in the implementation of the ISO 27001 standard
• Expert advisors in IT
• CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
• Auditors

Learning objectives:

• To understand the fundamentals of information security
• To know the interrelationships between ISO 27001 and the other information security standards  (ISO 27002, ISO 27003, ISO 27004, and ISO 27005…)
• To know the key components of an Information Security Management System (ISMS) in accordance  with ISO 27001
• To introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
• To understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
• To understand the stages of the ISO 27001 certification process

Course Agenda:

• Introduction to the ISO 27000 family of standards
• Introduction to management systems and the process approach
• General requirements: presentation of the clauses 4 to 10 of ISO 27001
• Implementation phases of ISO 27001 framework
• Introduction to risk management according to ISO 27005
• Continual improvement of information security
• Conducting an ISO 27001 certification audit

Prerequisites
None

Exam and certification

None

General Information:

• A student manual containing over 100 pages of information and practical examples will be distributed to participants

• A participation certificate of 7 CPD (Continuing Professional Development) credits will be issued to participants

Price: 1.750,00 Kn + VAT

Information:

SP sistemi d.o.o., tel: 01/6444 – 444, e-mail: konzultant@spsistemi.hr

The seminar is held in cooperation with ZIH (Zavod za informatičku djelatnost Hrvatske), at Mažuranić Square 8 / III, Zagreb.