Management Representative and Internal auditor of Information Security Management System compatible with ISO 27001

Comprehensive training to prepare for the implementation and auditing of an information security management system compliant with ISO 27001. The training gives the right to perform the functions of ISO 27001 Information Security Officer and Internal Auditor. A detailed description of the requirements of ISO 27001 and ISO 27002 allows participation in the training even for people who are just starting their adventure with ISO. It will also be a great reminder and a way to broaden knowledge for people already working with an ISMS.

Fundamentals of Information Security Management System ISO 27001

The training is a great introduction to self-implementation of ISO 27001, as it familiarizes participants with the requirements of ISO 27001 and ISO 27002. During the training, the Trainer thoroughly discusses and explains all the points of the standard, especially those whose wording leaves a wide range of possible interpretations.

 ISO/IEC 27001:2013 standard – Control objectives and control – Annex A

Supplementary training for the Information Security Officer and ISMS Internal Auditors (ISO/IEC 27001).
As part of the course, participants will learn about information security aspects. They will learn how to design security and build a tight information security management system in the organization. The training materials, which describe sample security measures, will certainly be useful while working on the implementation and improvement of an ISMS.

 

 
 

Management Representative and Internal auditor of Information Security Management System compatible with ISO 27001

Time:

3 days

 Participant profile:

  •  IT Administrators, Executives, middle and senior managers

A detailed discussion of the requirements of the ISO 27001 (ISO/IEC 27001) standard allows participation in the training even for people who are just starting their adventure with ISO. It will also be a great reminder and a way to broaden knowledge for people already working with the Information Security Management System (ISMS).

Training schedule

Day 1:

  • Information and organizational security
    • What is information security?
    • Why is information security needed?
    • How do I specify the security requirements?
    • Security risk assessment
    • Selection of security measures
    • Information security starting point
    • Critical Success Factors
  • Information security in the ISO 27001 standard
    • Introduction
    • Scope of the Standard
    • Normative references
    • Terms and Definitions
    • Context of the organization
    • Leadership
    • Planning
    • Support
    • Operation
    • Performance evaluation
    • Improvement

Day 2:

  • Information and organizational security
    • Annex A
    • Information security policies
    • Organization of information security
    • Human resource security
    • Asset management
    • Access control
    • Cryptography
    • Physical and environmental security
    • Operations security
    • Communications security
    • Systems acquisition, development and maintenance
    • Relationships with suppliers
    • Information security incident management
    • Aspects of information security in business continuity management
    • Compliance

Day 3:

  • Organizing and conducting the audit
    • Definition of audit, nonconformity and follow-up
    • PDCA cycle as applied to audit planning
    • Planning audits
    • Audit notice
    • Kick-off meeting
    • Defining observations
    • Preparing the audit report
    • Audit follow-up
  • LEGAL AND INTERNAL AUDITOR exam

Fundamentals of Information Security Management System ISO 27001

Interpretation of the requirements of ISO 27001 and ISO 27002.
Preparation for the implementation of the information security management system.

Time:

1 day

 Participant profile:

  • Executives, middle and senior managers
  • Persons starting work with QMS according to ISO 27001

Training schedule

Day 1:

  • Introduction
  • Scope of standard
  • Normative references
  • Terms and definitions
  • Context of the organization
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance evaluation
  • Improvement

 

ISO/IEC 27001:2013 standard – Control objectives and control – Annex A

The purposes of using security measures and safeguards in the Information Security Management System according to Annex A of the ISO 27001 standard

Training schedule

  • Information and organisational security
    • Annex A
    • Information security policies
    • Information security organisation
    • Human resource security
    • Asset management
    • Access control
    • Cryptography
    • Physical and environmental security
    • Operations security
    • Communications security
    • Acquisition, development and maintenance of systems
    • Relationships with suppliers
    • Management of information security incidents
    • Aspects of information security in business continuity management
    • Compliance
  • Exam – ISMS Manager (ADVANCED LEVEL)