ISO 27001 Information Security Management Systems Lead Implementer
Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.
This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
Course Information
ISO/IEC 27001 Lead Implementer
This 35-hour training course offers participants the opportunity to develop their skills in the function of steering an information security management implementation project and to prepare themselves through practice to lead operational teams. based on principles, procedures and project management techniques widely applied in the business world. During this training, the student will acquire the basic knowledge and skills allowing him to plan, implement, evaluate, and guarantee the integrity of the ISMS in compliance with the requirements of the ISO 27001 standard as well as the process of quality assurance required by the associated practice guides. On the basis of real examples and concrete exercises, the student will be led during the training to carry out an ISMS implementation project by developing capacities in program management and implementation and monitoring techniques as well as than in team management, through communication with the various interested parties.
- Security officer
- Risk managers
- Corporate Data Controllers
- Project managers or consultants wishing to master the implementation of an Information
- Security management system CxO and managers responsible for the IT
- Management of a company as well as risk management
- Members of an information security team
- Information Technology Expert Advisors
- Technical experts wanting to prepare for a position in information security
Day 1: Introduction to ISO/IEC 27001 and initiation of an ISMS
- Course objectives and structure
- Standards and regulatory frameworks
- Information Security Management System (ISMS)
- Fundamental principles of Information Security
- Management Systems
- Initiating the implementation of an ISMS
- Understanding the organization and clarifying the
- Information Security objectives
- Analysis of the existing management system
Day 2: Plan the implementation of an ISMS
- Leadership and approval of the ISMS project
- ISMS scope
- Information Security policies
- Risk assessment
- Statement of Applicability and top management`s decision to implement the ISMS
- Definition of the organizational structure of Information Security
Day 3: Implementation of an ISMS
- Definition of the document management process
- Design of security controls and drafting of specific policies & procedures
- Communication plan
- Training and awareness plan
- Implementation of security controls
- Incident Management
- Operations Management
Day 4 : ISMS monitoring, measurement, continuous improvement and preparation for a certification audit
- Monitoring, measurement, analysis and evaluation
- Internal audit
- Management review
- Treatment of non-conformities
- Continual improvement
- Preparing for the certification audit
- Competence and evaluation of implementers
- Closing the training
Day 5: Certification Exam
