Who will the Course Benefit?
Anyone involved in information security management, writing information security policies or implementing ISO 27001, either as a lead implementer or as part of an implementation team.
This fully accredited, practitioner-led course equips you to lead an ISO/IEC 27001 ISMS implementation project. This course will teach you the nine key steps involved in planning, implementing and maintaining an ISO 27001-compliant ISMS. It covers the best practices of information security management to ensure the confidentiality, integrity and availability of data.
Win new business by securing your organisation’s information assets and reducing data security risks with real-world expertise and practical insights.
At the end of the course you sit the ISO 27001 Certified ISMS Lead Implementer exam. You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the GASQ successful candidate register.
This course is accredited by the Chartered Institute of Information Security (CIISec) and satisfies the IISP Skills Framework requirements at Level 1: A1, A2, A3, A4, A5, A6, A7, B1, B2, G1, H1 and H2.
This course will cover:
- Why information security management (ISM) is important to an organisation.
- The role and structure of an information security policy.
- The key concepts, principles and main requirements of ISO/IEC 27001:2013.
- The terms and definitions used in the Standard, including risk and options for risk assessments.
- How to interpret the requirements of ISO/IEC 27001:2013 to determine the scope of your ISMS.
- How to secure senior management commitment by building a compelling business case.
- How to structure and manage your ISO 27001 project.
- How to allocate roles and responsibilities for your ISO 27001 implementation.
- How to review and map your existing controls to Annex A of ISO 27001.
- The importance of the Statement of Applicability (SoA), and justifications for inclusions and exclusions.
- How to carry out an information security risk assessment – the core competence of information security management.
- The benefits of, and key issues when selecting, a risk assessment tool.
- How to develop a management framework, write policies and produce other critical documentation.
- The importance of staff, an effective communication strategy and general awareness training.
- The key elements of management review.
- How to prepare for your ISO 27001 certification audit and ensure that you pass first time.
- How to manage and drive continual improvement under ISO 27001.
At the end of the course, attendees take the ISO27001 Certified ISMS Lead Implementer (CIS LI) exam, which is ISO 17024-certificated and set by IBITGQ. This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass.
Before joining this course, you need to have attended the ISO27001 Certified ISMS Foundation training course or have a good working knowledge of ISO 27001 gained through practical experience.