INFORMATION SECURITY MANAGEMENT SYSTEM (ISO 27001:2013)

  • ISO 27001:2013 Lead Auditor Course

    An Information Security Management System helps to protect the IT systems and other critical information of a company against the threat of loss, theft and damage. ISO 27001 uses the Plan-Do-Check-Act (PDCA) model as part of a management system approach to developing, implementing, and improving the effectiveness of an organization’s information security management system.

    The 5-day NABCB/IRCA Approved ISMS (ISO 27001:2013) Lead Auditor Course is designed to help delegates understand the specific requirements outlined in ISO 27001:2013 and ISO 17799:2013 (Code of Practice for ISMS), and to enable them to learn how to audit an ISMS that protects information assets such as financial data, customer records and proprietary corporate information. It also empowers delegates to provide practical help and information for ISO 27001 compliance and certification.

    Duration

    5 Days

    Content

    •   Fundamentals & vocabulary
    •   OECD Principles
    •   Risk Management
    •   ISO 27001:2013 – Specification for an Information Security Management System
    •   ISO 27002:2013 – Code of Practice for Information Security Management
    •   ISO 19011:2002 – Guidelines for Auditing

    Benefits

    •   Develop auditing as an additional management skill
    •   Can register themselves anywhere in the world as auditors with members of IPC (International Personnel Certification Association)
    •   Are preferred in certification and auditing organizations
    •   Are preferred in consultancy organizations, or can become consultants themselves

    Who should attend?

    •   This course is essential for personnel of organizations that have implemented or are in the process of implementing ISO 27001, and for those who carry out or plan to carry out second-party or third-party audits.
    •   Delegates are expected to have some understanding of the content, application and implementation of ISO 27001:2013. A lack of prior knowledge may leave gaps that lead to unsuccessful completion.

  • ISO 27001:2013 Internal Auditor Course

  • ISO 27001:2013 Implementation Course

    In today’s competitive business environment, information is constantly under threat from many sources, irrespective of an organization’s size and the market it operates in. The security of information assets is crucial to all organizations and requires effective management.

    In order to effectively manage your organization’s information risks and threats, you should establish an Information Security Management System (ISMS). An ISMS based on ISO 27001 will help you to manage these issues while continually improving the security of your information. Establishing an ISMS based on ISO 27001 enables your organization to protect its information assets.

    ISO 27001:2013 is the internationally recognized standard setting out the requirements for an ISMS. It helps identify, manage and minimize the range of threats to which information is regularly subjected. The standard is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties, including an organization’s customers and suppliers.

    Duration

    3 Days

    Content

    •   Concept and Philosophy of ISMS Framework
    •   ISO 27001:2013 Requirements
    •   Control Objectives
    •   Determination of scope and information security policy
    •   Identification of information assets
    •   Determination of the value of information assets
    •   Risk assessment – determination of risk and impacts
    •   Identification of control objectives and controls
    •   Definition and implementation of policies
    •   Documentation of ISMS
    •   Planning the Implementation
    •   Improving the ISMS

    Benefits

    •   Both the objective and result of the course will be the construction of an effective ISMS
    •   Take the knowledge and skills imparted during this exercise and use them to improve and protect your business.

    Who should attend?

    •   Persons responsible for implementation and management of an ISO 27001:2013 ISMS
    •   Information security consultants
    •   The course is designed for people who have a good understanding of ISO 27001:2013 and ISO 17799:2013 information security management systems.

  • ISO 27001:2013 Awareness Programme

    An Information Security Management System helps to protect the IT systems and other critical information of a company against the threat of loss, theft and damage. ISO 27001 uses the Plan-Do-Check-Act (PDCA) model as part of a management system approach to developing, implementing, and improving the effectiveness of an organization’s information security management system.

    The ISMS (ISO 27001:2013) Awareness Course enables delegates to gain an understanding and overview of ISO 27000.

    Duration

    1 Day

    Content

    •   Introduction to ISO 27001:2013: history, development, and overview
    •   Overview of the standard ISO 27001:2013
    •   Overview of Control Objectives (Annexure A)

    Benefits

    •   Implement the requirements of the standards
    •   Conduct internal quality audits
    •   Participate in the maintenance of the organization’s information management system

    Who should attend?

    •   Staff tasked with the implementation and management of an ISMS
    •   All employees of an organization implementing ISO 27001