ISO® 27001 Certification Training
- Notice: Undefined index: Drupal_visitor_user_country in training_calendar_block_data_sidebar() (line 181 of /home/mz1ym9drv5k4/public_html/sites/all/modules/custom/training_calendar_block/training_calendar_block.module).
- Notice: Undefined index: Drupal_visitor_user_country in training_calendar_block_data_sidebar() (line 197 of /home/mz1ym9drv5k4/public_html/sites/all/modules/custom/training_calendar_block/training_calendar_block.module).
- Notice: Undefined index: Drupal_visitor_user_country in tcs_form() (line 55 of /home/mz1ym9drv5k4/public_html/sites/all/modules/custom/training_calendar_search_block/training_calendar_search_block.module).
ISO 27001 enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2005, as well as the best practices for implementing the information security controls of the eleven domains of the ISO 27002. This training also helps to understand how ISO 27001 and ISO 27002 relate with ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).
TARGET GROUP OF THE QUALIFICATION
- Members of an information security team
- IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS)
- Staff involved in the implementation of the ISO 27001 standard
- Technicians involved in operations related to an ISMS
- CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
THIS QUALIFICATION EMPOWERS YOU
- To Understand the implementation of an Information Security Management System in accordance with ISO27001
- To Understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
- To Know the concepts, approaches, standards, methods and techniques allowing to effectively manage an Information Security Management System
- To Acquire the necessary Knowledge to contribute in implementing an Information Security Management System (ISMS) as specified in ISO 27001
ISO 27001 FOUNDATION LEVEL COURSE OUTLINE
Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001
- Introduction to the ISO 27000 family of standards
- Introduction to management systems and the process approach
- Fundamental principles information security
- General requirements: presentation of the clauses 4 to 8 of ISO 27001
- Implementation phases of ISO 27001 framework
- Continual improvement of Information Security
- Conducting an ISO 27001 certification audit
Day 2: Implementing controls in information security according to ISO 27002 and Certification Exam
- Principles and design of information security controls
- Documentation of an information security control environment
- Monitoring and reviewing the information security controls
- Examples of implementation of information security controls based on ISO 27002 best practices
- Certified ISO/IEC 27001 Foundation exam
- Training approach
This training is based on both theory and practice:
Sessions of lectures illustrated with examples based on real cases
Review exercises to assist the exam preparation
Practice test similar to the certification exam
- To benefit from the practical exercises, the number of training participants is limited
Multiple-choice examination consisting of 40 questions. The examination is passed, if minimum 65% of the answers are answered correct (26 of 40). Closed Book examination.
Time: 60 minutes.
The exam covers the following competence domains:
- Domain 1: Fundamental principles and concepts of information security
- Domain 2: Information Security Management System (ISMS)
WEIGHT OF EXAM CONTENT
Exam requirements Weight
1. The candidate understands the definitions and principles of Information Security Management 10%
2. The candidate understands the position of ISO/IEC 27001 in the context of ISM 40%
3. The candidate understands the concept and the content of ISM according to ISO/IEC 27001 35%
4. The candidate has an overview of the Security Controls of ISO/IEC 27001 15%
(insofar as control objectives exist)