Using a combination of formal training, practical exercises and relevant case studies, an experienced ISO 27001 trainer and professional will:
Take you through the nine steps to ISO 27001 Success.
Help you to develop the skills required to achieve ISO 27001 compliance for your organization.
Help you maximize project value and avoid common pitfalls.
What will you learn?
Securing senior management commitment and building the business case.
The role and structure of an information security policy.
How to determine the scope of your ISMS based on the requirements of ISO 27001.
Developing a management framework.
How to structure and manage your ISO 27001 project.
How to allocate roles and responsibilities for your ISO 27001 implementation.
The definition of risk in ISO 27001 and options for risk assessments under the Standard.
Who should attend this course?
Anyone involved in information security management, writing information security policies or implementing ISO 27001, either as a Lead Implementer or as part of an implementation team.
Entry requirements
There are no formal entry requirements. However, it is assumed that you will have a basic knowledge of ISO 27001 gained through practical experience, reading the ISO 27001:2013 standard, or by attending the ISO27001 Certified ISMS Foundation Online course.
Additional information
This course is non-residential, but we can help you find a hotel close to the training venue if required. Simply drop us an email (info@advanceinnovationgroup.com) after you book. Our superb training support team will find the solution most suitable for your needs.
The course includes:
Professional training venue with lunch and refreshments.
Comprehensive documentation (digital copy provided as a PDF file).
ISO27001 Certified ISMS Lead Implementer (CIS LI) examination.
Certificate of attendance.
Guaranteed to run. We never cancel a course.
Online access requirements:
Please note that this course is delivered as a Skype Live Online session at fixed times and on fixed dates.
The course has been designed for those wishing to:
Understand the fundamental concepts of ISMS auditing
Become an internal ISMS implementer
Extend and develop their previous knowledge of quality, systems and auditing skills
Course Contents
Session 1
Introduction to the management of an Information Security Management System (ISMS) based on ISO 27001 and launching an ISMS
Introduction to management systems and the process approach
Detailed presentation of the standards ISO/IEC 27001:2013, ISO/IEC 27002:2013 and ISO/IEC 27003:2009
Fundamental principles of Information Security
Preliminary analysis and determining the maturity level of existing information security management based upon ISO/IEC 21827:2008
Writing the business case and preliminary design of the ISMS
Drawing up a project map for compliance with ISO/IEC 27001:2013
Session 2
Establishment of the Governance Framework
Definition of roles & responsibilities
Drafting of the ISMS policy
Defining the scope of the ISMS
Risk management according to ISO/IEC 27005:2008: identification, analysis and treatment of risk
Drafting the Statement of Applicability
Session 3
Launching and implementing an ISMS based on ISO27001
Implementation of a document management framework
Design of controls and writing procedures
Implementation of controls
Development of a training & awareness program and communicating about information security
Incident Management according to ISO/IEC 27035
Operations management of an ISMS
Session 4
Control, act and the certification audit of the ISMS according to ISO 27001
Monitoring controls and the management of records
Development of metrics, performance indicators and the dashboard in accordance with ISO/IEC 27004:2009
Internal ISMS Audit
Management review of the ISMS
Implementation of a continuous improvement program
Preparing for the ISO/IEC 27001:2013 audit.
Session 5
Exam