ISO 27001 Implementation

Organisations are becoming increasingly aware of the value of their business-critical information and the need to protect their information-related assets. An information security management system (ISMS) is a risk management approach to maintaining the confidentiality, integrity and availability of the organization's information. This three-day course leads you through a series of exercises following the requirements of ISO 27001:2005 for ISMS implementation. Key implementation stages are illustrated by case study examples of techniques using both simple office tools (i.e. spreadsheets) and specialized information risk management software. You will also learn practical information risk management techniques that cover the advice and requirements of the ISO 27000 series of standards for information security management; their relation to ISO 17799, BS 7799 and business continuity management; and future developments in best practice.

Course Structure
- Background to the standards
- Objectives of an ISMS
- Code of Practice ISO 17799:2005
- Certification Specification ISO 27001:2005
- Certification to ISO 27001:2005
- The ISO 27000 Series of Standards
- Defining the Scope and Boundaries of an ISMS
- Information Security Policy
- Information Risk Assessment
- Information Risk Management
- Implementing and Operating the ISMS
- Monitoring and Reviewing the ISMS
- Maintaining and Improving the ISMS
- Management Responsibility, Audit, Review and Improvement
- Business Continuity Management