Practices for supporting and improving information security management systems in accordance with the requirements of
ISO 27001
This online course will provide the top management of organizations with the necessary knowledge and skills to use the full capabilities of the information security management system to effectively and efficiently manage their business.
The course also contains a range of practical tools to help your management system work like a charm.
Duration
48 hours
Language
English/Ukrainian/Russian
Format
100% online
Objectives
- Successfully implement a systematic approach to business management
- Apply effective business planning tools
- Accurately identify processes, evaluate their performance, and manage them effectively and efficiently
- Effectively allocate responsibilities and authorities
- Correctly formulate the policy and strategy of your business
- Develop risk-based thinking
- Develop goals at the strategic, tactical and operational level
- Build a team of like-minded people, determine and maintain the competence of each employee, build a motivation system at your company
- Conduct regular reviews of your management system
- Get the most out of implementing the «Improvement» principle
Target audience
- Successful managers and leaders who wish to achieve maximum results
- Managers of all levels – to develop their own leadership and managerial abilities, as well as to develop their team and business
- Specialists who plan to take up managerial positions – to gain self-confidence and a deep understanding of the specifics of future work
Document on completion
Top manager certificate, specialization «Practices for supporting and improving information security management systems (ISMS) in accordance with the requirements of ISO / IEC 27001», listed in the SIC International Register
Thematic plan
The course program includes 2 modules.
The program is designed for 48 hours, including time for studying theoretical material and testing.
Objectives
Module 1 The practice of implementing, maintaining and improving the information security management system in accordance with the requirements of ISO 27001:2022
Number of hours
|
1 |
Introduction |
1,5 |
|
2 |
General provisions of the standard |
2,5 |
|
3 |
Context of the organization |
2 |
|
4 |
Leadership |
2 |
|
5 |
Planning |
2,5 |
|
6 |
Support (resources) |
2,5 |
|
7 |
Operation |
1 |
|
8 |
Performance evaluation |
3 |
|
9 |
Improvement |
1 |
|
10 |
Information security controls |
5 |
|
|
Testing |
1 |
Module 2 Tools and approaches for the development and continual improvement of the management system
Number of hours
|
1.1 |
Understanding the organization and its context |
3 |
|
1.2 |
Understanding the needs and expectations of stakeholders |
1 |
|
1.3 |
MS scope and processes |
1 |
|
1.4 |
Leadership |
2 |
|
1.5 |
Policy and strategy |
1 |
|
1.6 |
Roles, responsibilities and authorities |
1 |
|
1.7 |
Actions to address risks and opportunities |
2 |
|
1.8 |
MS objectives |
1 |
|
1.9 |
Planning of changes |
1 |
|
1.10 |
Resources |
2 |
|
1.11 |
Documented information |
1 |
|
1.12 |
Operational planning and control over current activities |
1 |
|
1.13 |
Internal audits |
1 |
|
1.14 |
Management review |
2 |
|
1.15 |
Nonconformity and corrective action |
1 |
|
1.16 |
Improvement |
2 |
|
|
Testing |
2 |