Security

ISO27001 Lead Implementer

This five-day intensive course enables the participants to develop the expertise to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2005. Participants will also master the best practices for implementing information security controls from the eleven areas of ISO/IEC 27002:2005.

This training is consistent with the good practices of project management established by the Project Management Institute (PMI) and ISO 10006:2003 (Quality Management Systems – Guidelines for Quality Management in Projects). This training is fully compatible with ISO/IEC 27003:2009 (Guidelines for the Implementation of ISMS), ISO/IEC 27004:2009 (Measurement of Information Security) and ISO/IEC 27005:2008 (Risk Management in Information Security).
The components of the training program include:

• Course Certificate: ISO/IEC 27001:2005 Lead Implementer

• Duration: 5 Days – (40 Hours of Training)

• Course Delivery: Instructor Led



TBD

Check back often for updates or send us an email at [email protected] so we can notify you of upcoming courses.

• Project manager or consultant wanting to prepare for and support an organization in the implementation of an Information Security Management System (ISMS)

• ISO27001 Auditor who wants to master the Information Security Management System implementation process

• Person responsible for the information security or conformity in an organization

• Member of the information security team

• Expert advisor in information technology

• Technical expert wanting to prepare for an information security function or for an ISMS project management function

• ISMS Foundation training or a basic knowledge of ISO/IEC 27001:2005 and ISO/IEC 27002:2005 is recommended

At the end of this course, the participant will gain competencies in:

• Understanding the application of an Information Security Management System in the ISO/IEC 27001:2005 context

• Mastering the concepts, approaches, standards, methods and techniques allowing effective management of an Information Security Management System

• Understanding the relationship between an Information Security Management System, including risk management and controls, and compliance with the requirements of different stakeholders of the organization

• Acquiring expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001:2005

• Acquiring the expertise necessary to manage a team in implementing the ISO/IEC 27001:2005 standard

• Developing personal skills and knowledge required to advise organizations on best practices in management of information security

• Improving the capacity for analysis and decision making in a context of information security management

• Certification: ISO/IEC 27001:2005 – ISMS Implementer

• Length of test: 180 minutes

• Passing score: 70%

• Languages: English

• Duration: 3 Hours

• Credits: 35 CPE (Continuing Professional Education) Credits will be issued

Module 1: Introduction to Information Security Management System (ISMS)

• Introduction to management systems and the process approach

• Detailed presentation of the standards ISO/IEC 27001:2005, ISO/IEC 27002:2005 and ISO/IEC 27003:2009

• Fundamental principles of Information Security

• Preliminary analysis and determination of the maturity level of existing information security management, based upon ISO/IEC 21827:2008

• Writing the business case and preliminary design of the ISMS

• Developing a project plan of compliance to ISO/IEC 27001:2005

Module 2: Planning an ISMS based on ISO 27001

• Establishment of the Governance Framework

• Definition of roles & responsibilities

• Drafting of the ISMS policy

• Defining the scope of the ISMS

• Risk management according to ISO/IEC 27005:2008: identification, analysis and treatment of risk

• Drafting the Statement of Applicability

Module 3: Launching and implementing an ISMS based on ISO27001

• Implementation of a document management framework

• Design of controls and writing procedures

• Implementation of controls

• Development of a training & awareness program and communication around information security

• Incident Management according to ISO/IEC TR 18044:2004

• Operations management of an ISMS

Module 4: Control, act and the certification audit of the ISMS according to ISO/IEC 27001

• Monitoring controls and the management of records

• Development of metrics, performance indicators and the dashboard in accordance with ISO/IEC 27004:2009

• Internal ISMS Audit

• Management review of the ISMS

• Implementation of a continuous improvement program

• Preparing for the ISO/IEC