Who should attend?
IT Security Centre Personnel, Auditors, Cyber Security Experts, IT Personnel to be audited under ISO 27001.
- Familiarity with quality management systems is helpful but is not a requisite.
- What is an ISMS and why is it needed?
- “Plan-Do-Check-Act” process in ISO 27001
- Risk assessment and treatment in information systems
- ISO 27001 control categories
- Information security policies
- Organization of information security
- Human resources security
- Asset management
- Access control
- Physical and environmental security
- Operational security
- Communications security
- System acquisition, development and maintenance
- Supplier relationships
- Information security incident management
- Information security aspects of business continuity management
- ISO 27001 conformance audit – Audit planning
- Audit checklists
- Non-conformances and reporting
- Several applications
Attendees will be able to establish ISMS in their institutions. Attendees will also be acquainted with audit concepts.