About
ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). ISO/IEC 27001 provides a model for creating, implementing, exercising, auditing, maintaining and improving an information security management system. Goals The delegates understand the scope, objectives, key terminology and high requirements of the ISO/IEC 27001 standard as used in an information security organization and the main elements of the certification process. In particular, they learn: - Scope and purpose of ISO/IEC 27001 and how it can be used - Key terms and definitions used in the ISO/IEC 27000 series - Applicability and scope definition requirements - Need for continual improvement - Processes, their objectives and high level requirements - Use of controls to mitigate IS risks - Purpose of internal audits and external certification audits, their operation and the associated terminology - Relationship with best practices and and other standards Pre-requisite The course does not have mandatory formal requirements. However, we recommend the delegates to familiarize with information security concepts. Audience Internal and external persons who fulfill a role in the area of information security management. What is included: - Training Slides - Exam voucher - Certificate of Attendance The standard is not included. It can be purchased from https://www.iso.org 2.5-days (virtual online) Price: EUR 550 + VAT Time Zone: Central European Time Groups of 5 or more receive 10% discount. Register for both Foundation and Practitioner-Information Security Officer courses and receive 5% discount. The discounts are not cumulative – the highest discount always applies. Contact us at contactus@gira.group for more information.