Information is a valuable asset in any organization. Every organization globally is facing constant threats. These threats can exploit vulnerabilities and become a risk to the organization’s continuity.
In order, to overcome and sustain such risks and protect your information assets, adopt and implement the globally accepted ISO/IEC 27001:2013 standard for information security is what many organizations do.
In summary, managing information security has become more than keeping hackers out of your network.
Why should you take this training?
This training program will help the candidates to understand the essence and relevance of information security and the context of ISO/IEC 27001:2013 standard.
The purpose of this training is:
- To provide the candidate with a complete understanding of information security concepts;
- To provide the candidate with an overview of the structure and clauses of ISO/IEC 27001:2013 standard;
- To provide the candidate with an overview of the internal controls and control objectives of ISO/IEC 27001:2013 standard;
- To provide the candidate with an overview of how to conduct risk management using appropriate ISO standard;
- To provide the candidate with an overview of auditing information security management system.
Who should attend this training?
This comprehensive program is open to anyone who wants to better play the role of an auditor or anyone who wants to lead an audit program.
Ideally, this program is suitable for:
- Information Security and IT professionals
- Information System and Security Auditors
- Compliance Officers, Legal Counsels
- Data Privacy professionals
- Designated Data Protection Officers
- Senior Management / Leadership roles
What you will learn in this training?
This training program will help the candidates to understand what information security is, the key aspects of information security, the required organizational controls and the structure of ISO/IEC 27001:2013 standard.
The candidates will also understand the overview and vocabulary, the requirements, risk management and auditing guidelines using appropriate ISO standards for information security management.
Course duration: 2-days of Learning. (Each day is about 8 hours).
Bloom Level: BL1 and BL2
Information Security Concepts
- Value, importance and reliability of information
- Threats, vulnerabilities and risks
- Security policy and security organization
- Importance of security measures
- Physical, technical and organizational measures
- Importance and impact of legislation and regulations
ISO/IEC 27000:2018 standard Overview and vocabulary
- What is Information security management System (ISMS)?
- Why ISMS is important?
- How to establish, monitor, maintain and improve ISMS?
- What are the ISMS Critical Success Factors?
- What is the ISMS family of standards?
ISO/IEC 27001:2013 Introduction to Information Security Management Systems Requirements
- Introduction to ISO/IEC 27001
- Introduction to Clauses of ISO/IEC 27001
ISO/IEC 27002:2013 Introduction to Information Security Controls
- Introduction to control objectives and controls
- What are the controls objectives and controls specified by the standard?
ISO/IEC 27005:2018 Introduction to Information Security Risk Management
- Overview of Information Security Risk Management Process
ISO/IEC 27007:2020 Introduction to Auditing ISMS Guidelines
- Overview of Information Security Management System Auditing
How you will learn?
This training program is delivered in a classroom or online setting using case study and class exercises that are designed to enhance the participants’ interpretation of information security and ISO/IEC 27001:2013 standard.
Candidates, who complete this training program, are suitably prepared to take the 1WCERT Foundation certification exam.
Supporting material for this training:
Candidates will receive an electronic copy (PDF) of the training program slides deck along with classroom notes, case study and sample exam preparation questions.
An integral part of the training material is free 90 days access to our online LMS (Learning Management System).
What are the prerequisites for this training?
For this course, it is necessary that the candidate has basic knowledge of Information Security.
On passing the 1WCERT exam you become, ISO/IEC 27001:2013 Standard Foundation certified