Course description
Recent high profile information security breaches and the value of information are highlighting the ever increasing need for organisations to protect their information. An Information Security Management System (ISMS) is a controlled approach to managing sensitive company information so that it remains secure. It encompasses people, processes and Information Management Security Systems.
The objective of this course is to provide delegates with the necessary skills and tools to implement an ISMS that meets the certification requirements of ISO 27001:2005 and is based on the code of practice defined by ISO 17799. The course will prepare delegates for the ISO 27001 Lead Implementer Certificate and provide delegates with useful tools and a reference framework for implementation.
Who should attend?
- Staff tasked with the implementation and management of an ISO 27001:2005 Information Security Management System
- Information Security Consultants
- The course is designed for people who have a good understanding of ISO 27001:2005 and ISO 17799:2005 Information Security Management Systems, (attendance of Introduction to Information Security or the ISO 27001:2005 Lead Auditor course is recommended)
Benefits to your business
Both the objective and result of the course is the development of a skeleton ISMS, including key processes, policies and procedures which can be used the moment you step back into your office to start implementing an effective ISMS in your organisation. The knowledge and skills imparted during this course will prove invaluable in improving and protecting your business.
Course structure
- Background to information security
- Roles and responsibilities in the development of an ISMS
- Determination of ISMS scope
- Writing the information security policy
- Determination of risk and impacts
- Identification of ISO 27001 control objective and controls
- ISO 27001 GAP Analysis
- Production of an ISMS project implementation plan
- Production and implementation of policies, standards and procedures
- Security Awareness Training (SAT)
- Incident Management
- Business Continuity Management
- Definition of security metrics to measure the ISMS processes and controls
- Completion of ISMS documentation requirements
- Certification process
- Lead Implementer ISO/IEC 27001:2005 Certificate Exam
Further information
This is a Five-day course including refreshments, lunch and course notes.
*As evening work may be required as part of the course, we recommend that the delegate takes accommodation for the full duration of the course at the training venue. Please discuss when booking.
Next steps
For more information, please contact BSI India or complete our training enquiry form.
Contact us
