

Course Introduction

Growing scrutiny of industry's information security management has made conformance with ISO 27001:2013 - a voluntary, internationally recognized Information Security Management Systems (ISMS) standard - more important than ever. The competence of the Lead Implementer is the most important factor in ensuring effective implementation of the Information Security Management System. ISMS implementers require an understanding of the standard, stakeholder requirements, and statutory requirements, and finally of how to apply these in the most complex situations.

This five-day intensive course enables the participants to develop the expertise necessary to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001. The participants will also be given a thorough grounding in best practices used to implement Information Security controls from all areas of ISO 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). This training is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO 27005 (Risk Management in Information Security).

Industrial Training Objectives

  • Explain the purpose of an Information Security Management System (ISMS) and explain the processes involved in establishing, implementing, operating and monitoring, reviewing and improving an ISMS as defined in ISO 27001, including the significance of these for the ISMS Implementer;
  • The course covers all nine key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS)
  • Develop skills to interpret the requirements of ISO/IEC 27001 & EA 7/03 in the context of ISMS implementation and undertake the role of an implementer to plan, conduct, report and follow up an ISMS audit in accordance with ISO 19011

Course Outcomes

  • Introduction to ISO/IEC 27001 and initiation of an ISMS
  • Training course objectives and structure
  • Standards and regulatory frameworks
  • Information Security Management System (ISMS)
  • Fundamental information security concepts and principles
  • Initiation of the ISMS implementation
  • Understanding the organization and its context
  • ISMS scope
  • Planning the implementation of an ISMS
  • Leadership and project approval
  • Organizational structure
  • Analysis of the existing system
  • Information security policy
  • Risk management
  • Statement of Applicability
  • Implementation of an ISMS
  • Documented information management
  • Selection and design of controls
  • Implementation of controls
  • Trends and technologies
  • Communication
  • Competence and awareness
  • Security operations management
  • ISMS monitoring, continual improvement, and preparation for the certification audit
  • Monitoring, measurement, analysis & evaluation
  • Internal audit
  • Management review
  • Treatment of nonconformities
  • Continual improvement
  • Preparing for the certification audit
  • Certification process and closing of the training course

Course Schedule

Dates: 07 – 10 FEB 2022 (Classroom & Online Training)

After registration, participants can access the ESCI LMS platform for digital learning.

Session timings will be from 10:00 – 17:00 hrs, with a one-hour lunch break and 15-minute tea breaks.

Course Content