Select Page

ISO 27001 Information Security Management Lead Implementer

TRAINING SCHEDULE

ISO 27001 Information Security Management Lead Implementer 5 Days
ISO 27001 Information Security Management Lead Implementer (1 day a Week X 5 weeks)

DATE

TBD
TBD

Training Type

Virtual
Virtual

Enroll

All training runs from 9:00 to 16:30 every day.

About the ISO 27001 Lead Implementer Course

ISO/IEC 27001 Lead Implementer five-day intensive course enables the participants to develop an expertise to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001. Participants will also master the best practices for implementing information security controls from eleven areas of ISO/IEC 27002:2005.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Course Description

Key Features of the ISO 27001 Lead Implementer Training:

  • Understanding the application of an Information Security Management System in the ISO/IEC 27001 context
  • Mastering the concepts, approaches, standards, methods and techniques allowing an effective management of an Information Security Management System
  • Understand the relationship between an Information Security Management System, including risk management and controls, and compliance with the requirements of different stakeholders of the organization
  • Acquiring expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
  • Acquiring the expertise necessary to manage a team in implementing the ISO/IEC 27001:2005 standard
  • Develop personal skills and knowledge required to advise organizations on best practices in management of information security
  • Improve the capacity for analysis and decision-making in a context of information security management
Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001; initiating an ISMS
  • Introduction to the management systems and the process approach
  • Presentation of the ISO 27000 family standards and regulatory framework
  • Fundamental principles of Information Security
  • Preliminary analysis and determining the level of maturity based on ISO 21827
  • Writing a business case and a project plan for the implementation of an ISMS
Planning the implementation of an ISMS based on ISO 27001
  • Defining the scope of an ISMS
  • Drafting an ISMS and Information Security policies
  • Selection of the approach and methodology for risk assessment
  • Risk management: identification, analysis and treatment of risk (based on ISO 27005)
  • Drafting the statement of applicability
Implementing an ISMS based on ISO 27001
  • Implementation of a document management framework
  • Design of and implementation of controls
  • Information Security training, awareness and communication program
  • Incident management (drawing on guidance from ISO 27035)
  • Operations management of an ISMS
Control, monitor and measure an ISMS and the certification audit of the ISMS in accordance with ISO 27001
  • Monitoring the ISMS controls
  • Development of metrics, performance indicators and dashboards in accordance with ISO 27004
  • ISO 27001 internal audit
  • Management review of an ISMS
  • Implementation of a continual improvement program
  • Preparing for an ISO 27001 certification audit

Domain 1: Fundamental principles and concepts in information security

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System (ISMS)

Domain 2: Information Security Control Best Practice based on ISO 27002

Main Objective: Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can understand, interpret and provide guidance on how to implement and manage Information Security controls best practices based on ISO 27002

Domain 3: Planning an ISMS based on ISO 27001

Main Objective: Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can plan the implementation of an ISMS in preparation for an ISO 27001 certification

Domain 4: Implementing an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can implement the processes and security controls of an ISMS required for an ISO 27001 certification

Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can evaluate, monitor and measure the performance of an ISMS in the context of an ISO 27001 certification

Domain 6: Continuous improvement of an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can provide guidance on the continuous improvement of an ISMS in the context of ISO 27001

Domain 7: Preparation for an ISMS certification audit

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can prepare and assist an organization for the certification of an ISMS against the ISO 27001 standard

Target Audience

This training course is intended for professionals who are working in the field of information security and would like to use ISO/IEC 27001 International Standard to assess an organization’s ability to meet their own information security requirements.

  • Internal auditors
  • Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information security audit function