ISO 27001: Information Security Management System Core Implementation Course - 3 days training

Overview

This course will enables participants to learn the stages needed to implement a management system as specified in ISO 27001:2005 and take part in the implementation: risk management (based on ISO 27005), risk management plan, implementation, sur- veillance, re-examination and operation of an ISMS, continuous improvement of infor- mation security, management’s commitment, follow-up and review as well as an introduction to ISO 27001 audit certification. In addition, the participant will be able to master the best practices in the implementation of information security control measures based on the eleven (11) ISO 27002 domains that is: security policy, organization of information security, asset management, communications and operations management, access control, information systems acquisition, information security incident management, business continuity management and compliance.

Learning Objective

• Understanding the application of the information security management system in the ISO 27001:2005 context.
• Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
• Acquiring the competence to support an organization in implementing, managing and maintaining an ISMS as specified ISO 27001
• Acquiring the personal skills and knowledge necessary to advise an organization on the best practices in information security management

Course Details

Day 1 : Introduction to the management of an Information Security Management System based on ISO 27001 and launching of an ISMS

• Introduction to management systems and the process approach
• Fundamental principles in information security
• Introduction to ISO 27001 and ISO 27002 standards
• Plan-Do-Check-Act approach

Day 2 : Launching and implementing an ISMS based on ISO 27001

• Risk management : risk identification, risk analysis and risk treatment
• Drafting the statement of applicability
• Implementing a documentation management framework
• Gap Analysis concept

Day 3 : Controlling and monitoring an ISMS based on ISO 27001

• Designing performance indicators of control measures (metrics and operating reports)
• Implementing security control measures and monitoring
• Implementing security controls in organization
• Case Studies & Simulations

Information

Samiha

Phone : 021-91307746 / 021-97605726

Email : lemtiui@ie.ui.ac.id

Website : www.lemtiui.com