Information Security Management Systems Manager (ISO 27001)
This online course allows you to gain the necessary knowledge and skills to develop, implement and maintain the information security management system (ISMS) based on ISO 27001:2022.
Training participants will gain knowledge about various components of the information security management system (ISMS), including the following: leadership, risk management, necessary procedures and information security controls, documentation, performance evaluation, management review, continual development and improvement of the ISMS.
Duration
24 hours
Language
English/Ukrainian/Russia
Format
100% online
Objectives
- Understand the principles of implementing the ISMS in accordance with the requirements of ISO 27001
- Get a complete understanding of the concepts, approaches, methods and techniques necessary for the effective management of the ISMS
- Gain knowledge in the scope of identifying risks and opportunities associated with the ISMS
- Understand the relationship between the ISMS and compliance with the requirements of various stakeholders of the organization
- Improve the ability to analyze the internal and external environment of an organization and make decisions in the context of the information security management system
- Determine which of the 93 information security controls are applicable to your organization
Target audience
- Heads and specialists of departments responsible for information security
- Project managers and consultants who wish to master the process of developing and implementing an information security management system
- Members of the ISMS implementation team at the enterprise
- Professionals who wish to gain in-depth knowledge of the ISMS
- Specialists involved in the day-to-day support of the ISMS processes
- Students of specialized faculties
Document on completion
ISMS Manager Certificate, listed in the SIC international register
Evaluation scale
60.0-100.0
0.0-59.9
Complies
Does not comply
Thematic plan
The course program includes:
1 Module “Information security management systems (ISO/IEC 27001)”
The program is designed for 24 hours, including time for studying theoretical material and taking tests.
Objectives
Module 1 Information Security Management Systems (ISO 27001)
Number of hours
1 |
Introduction |
1,5 |
2 |
General provisions of the standard |
2,5 |
3 |
Context of the organization |
2 |
4 |
Leadership |
2 |
5 |
Planning |
2,5 |
6 |
Support (resources) |
2,5 |
7 |
Operation |
1 |
8 |
Performance evaluation |
3 |
9 |
Improvement |
1 |
10 |
Information security controls |
5 |
|
Testing |
1 |
Detailed content of the program Module 1Information Security Management Systems (ISO 27001)
1 |
Introduction: – General – The most popular cyber security threats – Information security management systems: benefits – ISMS standards: history – Changes to the latest edition of ISO/IEC 27001 |
2 |
General provisions of the standard: – Framework of the standard – Scope – Terms and definitions |
3 |
Context of the organization: – Understanding the organization and its context, examples – Understanding the needs and expectations of interested parties, examples – Determining the scope of the information security management system – ISMS and its processes |
.4 |
Leadership: – Leadership and commitment – Policy, topic-specific IS policies – Organizational roles, responsibilities and authorities |
5
|
Planning: – Actions to address risks and opportunities – Information security objectives – Planning of changes |
6 |
Support: – Resources, examples – Competence – Awareness – Communication, examples – Documented information, list of mandatory documents |
7 |
Operation: – Operational planning and control – Information security risk assessment – Information security risk treatment |
8 |
Performance evaluation: – Monitoring, measurement, analysis and evaluation – Internal audit – Management review |
9 |
Improvement: – Nonconformity and corrective action – Continual improvement |
10 |
Information security controls: – Organizational controls – People controls – Physical controls – Technological controls |