ISO/IEC 27001 Lead Implementer | PECB
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects). This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).
100% Students Certified successfully
Who Should Attend
- Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS)
- ISO/IEC 27001 auditors who wish to fully understand the Information Security Management System implementation process
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
- Members of an information security team
- Expert advisors in information technology
- Technical experts wanting to prepare for an information security function or for an ISMS project management function
- Introduction to management systems and the process approach
- Presentation of the standards ISO/IEC 27001, ISO 27002 and ISO 27003 and regulatory framework
- Fundamental principles of Information Security
- Preliminary analysis and establishment of the maturity level of an existing information security management system based on ISO 21827
- Writing a business case and a project plan for the implementation of an ISMS
- Defining the scope of an ISMS
- Development of an ISMS and information security policies
- Selection of the approach and methodology for risk assessment
- Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO/IEC 27005)
- Drafting the Statement of Applicability
- Implementation of a document management framework
- Design of controls and writing procedures
- Implementation of controls
- Development of a training & awareness program and communicating about information security
- Incident management (based on guidance from ISO 27035)
- Operations management of an ISMS
- Controlling and Monitoring the ISMS
- Development of metrics, performance indicators and dashboards in accordance with ISO 27004
- ISO/IEC 27001 internal Audit
- Management review of an ISMS
- Implementation of a continual improvement program
- Preparing for an ISO/IEC 27001 certification audit
- 2 Days
- Duration : 1 Hours
- Question format : Essay-type questions
- Exam language : English
ISO/IEC 27001 Foundation Certification or a basic knowledge of ISO/IEC 27001 is recommended.
CISSP Trainer in InfoSec is excellent. He helped me understand concepts better. He is very hardworking and dedicated and goes the extra mile to help.
Ajay Siwach – IT Manager, Grant Thornton India
Trainer was highly instrumental in helping me pass my CISSP exam on the first attempt. He is a great tutor and is very articulate when teaching complex security topics. InfosecTrain trainer is your go-to man if you need help with passing CISSP!!
Arif O – Cyber Security Consultant, India