- Understand the requirements of the ISO/IEC 27001:2005 and ISO/IEC 27002 standards
- Practical techniques for designing and implementing an ISMS
- Detail explanations of the ISO/IEC 27001:2005 ISMS components and the improvement cycle
- Understand the necessary skills to design, implement, maintain and audit an effective ISMS
- Assess an organisation’s information security needs against ISO/IEC 27002:2007 and ISO/IEC 27001:2005
In addition the course will have hands-on activities in which delegates will have the opportunity to undertake practical exercises with the intention of formulating practical documents that can be used in their business, including:
- Information Security policy
- Identification of information assets and their value
- Determination of risk and impacts
- Identification of control objective and controls
- Risk Analysis and Risk Treatment Plan
- Statement of Applicability (SOA)
- Completion of ISMS documentation requirements
- Production of a ISMS Project Implementation Plan
No comments:
Post a Comment