ISO 27001 Information Security Management System Implementation

ISO 27001 Information Security Management System Implementation

ISO 27001 Information Security Management System Implementation

Who should attend ?

IT Security Centre Personnel, Auditors, Cyber Security Experts, IT Personnel to be audited under ISO 27001.


Familiarity with quality management systems is helpful but is not a requisite.

Course Syllabus

  • What is an ISMS and why is it needed?
  • “Plan-Do-Check-Act” process in ISO 27001
  • Risk assessment and treatment in information systems
  • ISO 27001 control categories
- Information security policies
    • Organization of information security
    • Human resources security
    • Asset management
    • Access control
    • Cryptography
    • Physical and environmental security
    • Operational security
    • Communications security
    • System acquisition, development and maintenance
    • Supplier relationships
    • Information security incident management
    • Information security aspects of business continuity management
    • Compliance
  • ISO 27001 conformance audit – Audit planning
    • Audit checklists
- Non-conformances and reporting
  • Several applications


3 Days.


Attendees will be able to establish ISMS in their institutions. Attendees will also be acquainted with audit concepts.

Course Tutor

Muharrem Aydın

Computer Engineer, Cyber Security Expert, IT Lawyer

After 10 years of software engineering experience with titles of software developer, product manager, and integration architect, I have been working in cyber security domain for last 10 years. I am not only a cyber security expert but also the head and kick-starter of a cyber security consultancy unit.

In security field, I have performed dozens of penetration tests for institutes from different sectors: finance, military, state agencies, and telcos.

I have been consulting different compaines in security field which includes global banks such as ING Bank, HSBC, CitiBank and more.

In addition, I am an adjunct instructor in a university and teaching cyber security for years.

I involved in technical areas and has taken responsibilities in:

  • Penetration tests (Pentests) and security audits
  • Cyber security training & consultancy
  • Source code analysis & secure software development
  • Cyber security incident response
  • Information security management system (ISMS) consultancy Open source cyber security systems, such as OpenVAS, OSSEC, OSSIM, Snort, Suricata, mod security

I’m creating my courses by using my know-how and 10 years of experience. As a result, our first course “Hacking Web Applications and Penetration Testing: Fast Start!” has gained “Best Seller” reputation in its category.

I have risen a lot of cyber security experts from scratch, and you are the next.