Ex 111 - INFORMATION SECURITY MANAGEMENT SYSTEMS IMPLEMENTATION COURSE FOR ISO/IEC 27001
Overview
This interactive ONE DAY course provides an introduction to information security management systems (ISMSs) as set out in ISO/IEC 27001 (formerly ISO/IEC 17799 / BS 7799). Information security covers many issues, from copyright to internet security, and the proprietary information that an organization has is now recognised as one of its main assets. Ensuring the security of this information is thus a primary responsibility of senior executives in preserving the value of the organization.
Key Session Topics
- Valuing information
- Threats, vulnerabilities and risks
- The detailed requirements of ISO/IEC 27001
- Planning the system: resources that will be required
- Risk assessment
- Risk management and treatment
- Producing a Statements of Applicability
- Developing an ISMS implementation plan
- Certification issues.
Benefits
- The knowledge to allow you to undertake a self assessment and then start the implementation process within your own organization.
- The confidence to identify Security risks relevant to your organization and implement systems to manage them.
Who Should Attend
- Personnel from organizations wishing to be certified to ISO/IEC 27001
- Those who need to understand the potential threats to their business information;
- IT/computer systems managers wishing to learn about implementing an ISMS
- Personnel from organisations holding data on individuals, and who are covered by legal requirements. (The Data Protection Commissioner has stated that “certification to BS 7799-2 is evidence of intent to protect personal data” - as required by the Data Protection Act 2000)
Course Techniques
The course uses a combination of tutorials and workshops. Workshops include identifying information, valuing it, and assessing the risks if it is lost and producing mandatory documentation.
A detailed file of reference information is available to keep.Follow-Up
Assistance with implementation programmes can be provided.