Introduction:
The programme aims to teach delegates how to:
• explain the purpose and business benefits of an information security management system;
• outline the structure and content of ISO/IEC 27001 and its relationship with ISO/IEC 27000 and ISO/IEC 27002;
• explain the specific information security management-related requirements of ISO/IEC 27001.
Language: English
Duration: 2 days
Learning Outcomes:
This course aims to equip participants with the following:
• Explain the purpose and intent of conducting an LCA study
• Understand the goal and scope of an LCA study
• Comprehend the data gathering process for LCA
• Relate collected data to environmental impacts
Course Outline:
Day 1
09.00 - Session 1: Introduction to Information Security Management Standards and the ISO/IEC 27000 series of Standards.
        History of ISO/IEC 27001; ISMS family of Standards; ISMS concepts; compatibility with other management system standards; the process approach; continual improvement based on the PDCA cycle; benefits of ISMS.
        Workshop 1: Information security concepts
11.00 - Session 2: ISO/IEC 27001:2013 – overview and clauses 4 to 7
        The structure of ISO/IEC 27001; scope and application; ISO/IEC 27001 requirements; context of the organisation; leadership; planning resources.
13.00-14.00 - Lunch
14.00 - Workshop 2: ISMS questionnaire
15.00 - Session 3: ISO/IEC 27001:2013 clause 8 and risk assessment
        ISO/IEC 27001 requirements; operation; approaches to risk assessment; risk assessment techniques; risk control
17.00 - End of Day 1
Day 2
09.00 - Session 4: ISO/IEC 27001:2013 clauses 9 and 10, and Annex A
        ISO/IEC 27001 requirements; performance evaluation; improvement; reference control objectives and controls.
12.00 - Workshop 3: Risk Assessment
13.00-14.00 - Lunch
14.00 - Module: Information security legislation
16.30 - Course Summary
17.00 - End of Day 2
There will be a break of 15 minutes mid-morning and mid-afternoon.