ISO/IEC 27002 is the guidance document for organizations establishing an Information Security Management System in accordance with ISO/IEC 27001. It identifies information security controls best suited to an organization’s needs. This new update enables organizations to fully grasp the intent of risk management and risk mitigation in a more structured manner. The aim of this standard is to set a reference for information security controls to be used based on context-specific information security risk management.
This course fulfils the pre-requisite entry requirements for the Internal auditor/refresher training course and includes highly interactive exercises and case studies. The aim is to provide the opportunity to learn the fundamentals of Information Security Management Systems, especially focused on those based on the ISO/IEC 27001 and ISO/IEC 27002 standards.
Duration: 90 minutes.
Objectives
At the end of the course, attendees should be able to:
- Define information and information security.
- Identify how an Information Security Management System can improve the security of the business.
- Identify risks.
- Perform a risk assessment.
Audience
This course is suitable for:
- Project managers and consultants involved in and concerned with the implementation of an ISMS.
- Expert advisors seeking to master the implementation of an ISMS.
- Individuals responsible for ensuring conformity to information security requirements within an organization.
- Members of an ISMS implementation team.
- Members of an ISMS internal auditors’ team.
All our public courses can also be delivered in-house at your premises either as standard or tailored depending on the needs and requirements of your business.