Clients ISO/IEC 27001 is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls.
It enables organizations to demonstrate excellence and prove best practice in Information Security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.
Re-released in 2013, ISO/IEC 27001 builds upon established foundations as the most widely recognized international standard specifically aimed at information security management. The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organization’s electronic and physical information resources.
The standard can be integrated with other management system framework standards, such as the quality standard ISO 9001 and ISO/IEC 20000 for IT service management.
ISO/IEC 27001 provides a model to establish, implement, maintain and continually improve a risk-managed ISMS. The design and implementation of the management system is tailored to the organization’s objectives, information assets, operational processes and governing legal and regulatory security requirements.
This course provides a basic insight in the ISO/IEC 27000 and ISO/IEC 27001.
ISO/IEC 27000 defines the terminology. ISO/IEC 27001 defines the requirements for an ISMS.
ISMS planning, support and operational requirements
Performance evaluation of the ISMS
Internal ISMS audits
Control objectives and controls.
Course and Learning Objectives
The scope and purpose of ISO/IEC 27001
The terms and definitions used in the ISO/IEC 27000 series
The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement
The processes, their objectives and high level requirements
Applicability and scope definition requirements
Use of controls to mitigate IS risks
The purpose of internal audits and external certification audits
The relationship with best practices and with other related International Standards; ISO 9001 and ISO/IEC 20000
Participants will learn the basic concepts of information security and core elements of the ISO/IEC 27001 standard for Information Security Management System. An interactive approach is used combining lecture, discussion and handouts to prepare participants for the ISO/IEC 27001 Foundation certification exam.
Course Student Material
Students will receive a ISO/IEC 27001 Foundation classroom workbook containing all of the presentation materials, course notes and sample exams.
ISO/IEC 27001 Foundation
Additional reference materials are not required for this course.
About the Examination
The exam is closed book with fifty (50) multiple choice questions. The pass score is 50% (25 out of 50 questions). The exam lasts 40 minutes. The exam can be taken Paper based.
There are no pre-requisites for this course, although a basic knowledge of Information Security concepts will be helpful.
Project Management Institute –Professional Development Units (PDUs) = 21
This is an introductory course for everyone in an organization who is involved with
the information management lifecycle. The module is also suitable for small independent businesses for which some basic knowledge of information security is necessary. This module may be a good start for new information security professionals.
Il prezzo include l'esame.
Offerte speciali e corsi dedicati per due o più iscrizioni.
* Il corso sarà confermato al raggiungimento del numero minimo di partecipanti.