This course enables participants to learn the best practices for implementing and managing an information security management system as specified in ISO/IEC 27001:2005 and the best practices for implementing information security measures from the 11 domains of ISO/IEC 27002:2005.
This course also enables the understanding of the relationship of ISO 27001 and ISO 27002 with ISO 27003 (Guidelines for the implementation of information security management systems), ISO 27004 (Measurement) and ISO 27005 (Information security risk management).
Course overview
- Understand the implementation of an Information Security Management System (ISMS) in accordance with ISO 27001
- Understand the relationship between an ISMS and compliance with the requirements of the various stakeholders of an organization (compliance, regulations, internal policy…)
- Know the concepts, approaches, standards, methods and techniques to effectively manage an Information Security Management System
- Acquire the required knowledge to contribute to the implementation of an Information Security Management System as specified in the ISO 27001
Course Curriculum
Day 1: introduction to the Information Security Management System (ISMS) concept as defined by ISO 27001
- Introduction to the ISO 27000 family of standards
- Introduction to management systems and the process approach
- Fundamental principles of information security
- General requirements: presentation of clauses 4 to 8 of ISO 27001
- Implementation phases of the ISO 27001 framework
- Continuous improvement of Information Security
- Conducting an ISO 27001 certification audit
Day 2: implement information security measures in accordance with ISO 27002 and certification exam
- Definition of the perimeter (scope) of the ISMS
- ISMS Policy and Objectives Development
- Selection of the risk assessment approach and method
- Risk management: risk identification, analysis and treatment (according to ISO 27005)
- Drafting of the Declaration of Applicability
Method of Assessment
The “PECB Certified ISO/IEC 27001 Foundation” exam lasts 1 hour and is composed of single-choice questions. The exam covers the following areas of expertise:
- Domain 1: Fundamental principles and concepts of the Information Security Management System
- Domain 2: Information security management system
Training benefits
This training is based on alternating theoretical and practical sessions:
- Lectures illustrated with examples from real cases
- Classroom exercises to help prepare for the exam
- Practical tests similar to the certification exam
To ensure the practical exercises can be carried out properly, the number of participants per session is limited.
Who should attend?
- Members of an information security team
- Information security professionals who want to gain a comprehensive understanding of the main processes of an information security management system (ISMS)
- Personnel involved in the implementation of the ISO 27001 standard
- Technicians involved in ISMS operations
- Auditors
- Managers and executives in charge of IT governance and risk management
Entry Requirements
Basic knowledge of information security
How and when to access
The participant is considered registered when:
- The prerequisites and needs are identified and validated
- The training agreement is signed
Registration requests can be sent up to 10 working days before the start of the training.
Accessibility
Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.
If you need any accommodation or adaptation of the content, the course materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.
To go further
This training course is designed to prepare you for the following training courses:
Duration
2 days (14h)
Price
€1800 excl. tax.
Meal
Breakfast & lunch included
Financing
OPCO support
Course overview
- Understand the implementation of an Information Security Management System (ISMS) in accordance with ISO 27001
- Understand the relationship between an ISMS and compliance with the requirements of the various stakeholders of an organization (compliance, regulations, internal policy…)
- Know the concepts, approaches, standards, methods and techniques to effectively manage an Information Security Management System
- Acquire the required knowledge to contribute to the implementation of an Information Security Management System as specified in the ISO 27001
Course Curriculum
Session 1: Fundamentals and organizational knowledge
- The ISO model
- The ISO 27001 standard
- Continuous improvement
- The scope of ISMS
Session 2: Leadership and planning
- Leadership
- Planning
Session 3: Managing IS risks and opportunities
- Definition of risk
- Processes to be implemented
Session 4: Support and operation
- Declaration of Applicability
- Resources, skills and communication
- Operation
Session 5: ISMS assessment and maintenance
- Audit and control processes
- Management review
- Continuous improvement
Principle planning
- 10 hours of distance learning with the trainer, divided into 5 sessions of 2 hours each.
- 4 hours of independent personal work on the e-learning platform
Method of Assessment
The “PECB Certified ISO/IEC 27001 Foundation” exam is held in a slot chosen by the candidate from several options, within a maximum of one year after training; it lasts 1 hour and is composed of single-choice questions. The exam covers the following areas of expertise:
- Domain 1: Fundamental principles and concepts of the Information Security Management System
- Domain 2: Information security management system
Training benefits
- Training provided by a cybersecurity expert
- An intuitive e-learning platform with videos and quizzes similar to the certification exam
- Exchanges on key concepts and experience sharing adapted to the learners’ context
Who should attend?
- Any person involved in information security management
- People wishing to acquire knowledge relating to the main processes of the Information Security Management System
- People wishing to pursue a career in information security management
Entry Requirements
Basic knowledge of information security
How and when to access
The participant is considered registered when:
- The prerequisites and needs are identified and validated
- The training agreement is signed
Registration requests can be sent up to 10 working days before the start of the training.
Accessibility
Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.
If you need any accommodation or adaptation of the content, the course materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.
To go further
This training course is designed to prepare you for the following training courses:
Duration
14 hours
Price
€1300 excl. tax.
Financing
OPCO support