Overview
This five-day intensive course enables participants to develop the expertise needed to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO 27001:2005. It covers risk management principles, the risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review, as well as an introduction to ISO 27001 audit certification.
In addition, participants will become proficient in best practices for implementing information security control measures based on the eleven (11) ISO 27002 security domains, such as security policy, organization of information security, asset management, physical and environmental security, communications and operations management, information systems acquisition, development and maintenance, and information security incident management.
Learning Objective
• Understanding the application of an information security management system in the ISO 27001:2005 context.
• Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
• Acquiring the expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO 27001.
• Acquiring the personal skills and knowledge necessary to advise an organization on best practices in information security management.
Course Details
Day 1: Introduction to the management of an Information Security Management System based on ISO 27001 and launching of an ISMS
• Introduction to management systems and the process approach & information security
• Introduction to ISO 27001 family standards
• Implementation of the governance framework: information security roles and responsibilities, ISMS policies, etc.
Day 2: Planning an ISMS based on ISO 27001
• Risk management: risk identification, risk analysis and risk treatment
• Drafting the statement of applicability
• Implementing a documentation management framework
• Designing performance indicators of control measures (metrics and operating reports).
Day 3: Launching and implementing an ISMS based on ISO 27002
• Implementing security controls in the organization
Day 4: Launching and implementing an ISMS based on ISO 27002
• Implementing security controls in the organization (continued)
Day 5: ISO 27001 certification audit
• Implementing security controls in the organization (continued)
• Continuous improvement
• Preparation for the ISMS internal audit and the ISO 27001 certification audit
• Simulation and Case Study
Information
Samiha
Phone : 021-91307746 / 021-97605726
Email : lemtiui@ie.ui.ac.id
Website : www.lemtiui.com