Who should attend ?

IT Security Centre Personnel, Auditors, Cyber Security Experts, IT Personnel to be audited under ISO 27001.

Prerequisites

Familiarity with quality management systems is helpful but is not a requisite.

Course Syllabus

• What is an ISMS and why is it needed?
• “Plan-Do-Check-Act” process in ISO 27001
• Risk assessment and treatment in information systems
• ISO 27001 control categories
- Information security policies
  • Organization of information security
  • Human resources security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operational security
  • Communications security
  • System acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance
• ISO 27001 conformance audit – Audit planning
  • Audit checklists
- Non-conformances and reporting
• Several applications

Duration

3 Days.

Benefits

Attendees will be able to establish ISMS in their institutions. Attendees will also be acquainted with audit concepts.