Course details

This course enables participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001:2005, as well as the best practices for implementing the information security controls of the eleven domains of the ISO 27002. This training also helps to understand how ISO 27001 and ISO 27002 relate with ISO 27003 (Guidelines for the implementation of an ISMS), ISO 27004 (Measurement of information security) and ISO 27005 (Risk Management in Information Security).

Audience:

  • Members of an information security team
  • IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security

Management System (ISMS)

  • Staff involved in the implementation of the ISO 27001 standard
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks

Learning Objectives:

At the end of this course, participants will gain competencies in:

  • Understanding the implementation of an Information Security Management System in accordance with ISO27001
  • Understanding the relationship between an Information Security Management System, including risk management,controls and compliance with the requirements of different stakeholders of the organization
  • Knowing the concepts, approaches, standards, methods and techniques allowing to effectively manage anInformation Security Management System
  • Acquiring the necessary Knowledge to contribute in implementing an Information Security Management System (ISMS) as specified in ISO 27001

Practical Information about the Course

  •  Whiteboard, flipchart, projector
  •  16 participants maximum

Course Agenda

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001

  •  Introduction to the ISO 27000 family of standards
  •  Introduction to management systems and the process approach
  •  Fundamental principles information security
  •  General requirements: Presentation of the clauses 4 to 8 of ISO 27001
  •  Implementation phases of ISO 27001 framework
  •  Continual improvement of Information Security
  •  Conducting an ISO 27001 certification audit

Day 2: Implementing controls in information security according to ISO 27002 and Certification Exam

  •  Principles and design of information security controls
  •  Documentation of an information security control environment
  •  Monitoring and reviewing the information security controls
  •  Examples of implementation of information security controls based on ISO 27002 best practices
  •  Certified ISO/IEC 27001 Foundation exam
Updated on 08 November, 2015

About National Institute of Technology (NIT)

NIT was established in the year 1997, with an objective of addressing the IT needs of the Kingdom and started its operations as a part of the US$ 100 million company, Almoayed Group

NIT was the first Training institution in the country to achieve the prestigious ISO quality certification.

Microsoft Learning Partner, Oracle University Education Provider, Cisco Partner, ITIL Licensed Affiliate, PRINCE2 Licensed Affiliate, ITPrenuers Regional Partner, PearsonVUE Testing Center.

Trainings are delivered by Certified and Qualified faculties.

See all National Institute of Technology (NIT) courses
Are you from National Institute of Technology (NIT) ? Claim your course!
Courses you can instantly connect with... Do an online course on Networking and Security starting now. See all courses

Is this the right course for you?

Rate this page

Didn't find what you were looking for ?

or