ISO 27001 OVERVIEW: Course Contents | ALC Training News

1. Key Concepts of an Information Security Management System (ISMS)
  • Introduction to Information Security Management Systems (ISMS)
  • History of ISO 27001 and 27002 standards
  • What are “Information” and “Information Assets”
  • Information Security and ISMS concepts
  • Why should you choose ISO/IEC 27001:2013 for implementing an ISMS
2. ISMS Requirements as per ISO/IEC 27001:2013
  • Context of the organisation
  • Leadership and commitment
  • Planning, including Risk identification and treatment processes
  • Support and Operation
  • Performance evaluation, including Internal Audit and Management Review
  • Improvement
3. Information Security Control Objectives and Controls
  • Annex-A: Control objectives and controls
  • Statement of Applicability
4. ISMS Implementation Guidance
  • Five-phase approach as recommended by ISO 27003
  • Scope of ISMS implementation
  • Documentation requirements
  • High-level transition guidance for moving from ISO/IEC 27001:2005 to ISO/IEC 27001:2013
  • Critical success factors of a successful information security program

Deb Kirman