This course enablesparticipants to learn about the best practices for implementing and managing anInformation Security Management System (ISMS) as specified in ISO/IEC27001:2013, as well as the best practices for implementing the informationsecurity controls of the eleven domains of the ISO 27002. This training alsohelps to understand how ISO 27001 and ISO 27002 relate with ISO 27003(Guidelines for the implementation of an ISMS), ISO 27004 (Measurement ofinformation security) and ISO 27005 (Risk Management in Information Security).

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001•

Introduction to the ISO 27000 family of standard•

Introduction to management systems and the process approac

Fundamental principles information security•

General requirements: presentation of the clauses 4 to 8 of ISO 27001•

Implementation phases of ISO 27001 framework•

Continual improvement of Information Security•

Conducting an ISO 27001 certification audit

Day 2: Implementing controls in information security according to ISO 27002 and Certification Exam•

Principles and design of information security controls•

Documentation of an information security control environmen•

Monitoring and reviewing the information security controls•

Examples of  implementation of information security controls based on ISO 27002 best practices•

Certified ISO/IEC 27001 Foundation exam

Prerequisites

None

Educational approach•

This training is based on both theory and practice:o

Sessions of lectures illustrated with examples based on real caseso

Review exercises to assist the exam preparationo

Practice test similar to the certification exam•

To benefit from the practical exercises, the number of training participants is limited

Examination and certification•

The “Certified ISO/IEC 27001 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:o

Domain 1: Fundamental principles and concepts of  information securityo

Domain 2: Information Security Management System (ISMS)•

The “Certified ISO/IEC 27001 Foundation” exam is available in different languages (the complete list of languages can be found in the examination application form)•

Duration: 1 hour

Taken from PECB <https://pecb.com

·        Members of aninformation security team

·        IT Professionalswanting to gain a comprehensive knowledge of the main processes of anInformation Security Management System (ISMS)

·        Staff involved in theimplementation of the ISO 27001 standard

·        Technicians involved inoperations related to an ISMS

·        Auditors

·        CxO and Senior Managersresponsible for the IT governance of an enterprise and the management of itsrisks

·        To Understand theimplementation of an Information Security Management System in accordance withISO27001

·        To Understand the relationshipbetween an Information Security Management System, including risk management,controls and compliance with the requirements of different stakeholders of theorganization

·        To Know the concepts,approaches, standards, methods and techniques allowing to effectively manage anInformation Security Management System

·        To Acquire thenecessary Knowledge to contribute in implementing an Information SecurityManagement System (ISMS) as specified in ISO 27001