About the course

An Information Security Management System (ISMS) is a controlled approach to managing sensitive company information so that it remains secure. It unites people, processes and Information Management Security Systems.

This two-day intensive training gives participants comprehensive and practical coverage of all aspects of the ISO/IEC 27001:2022 foundation, along with insight into best-practice guidelines for implementing an ISMS in an organization.

This is essential information for anyone aiming for ISO 27001 certification, adopting the standard, or seeking a better understanding of how to manage information security effectively, not just practice it.

Duration: 2 days


• Understand the application of an Information Security Management System in the ISO/IEC 27001:2022 context
• Map the old ISO 27001:2013 controls to the newer ISO 27001:2022 controls
• Master the concepts, approaches, standards, methods and techniques that allow effective management of an Information Security Management System
• Understand the relationship between an Information Security Management System, including risk management and controls, and compliance with the requirements of different stakeholders of the organization
• Develop the personal skills and knowledge required to advise organizations on best practices in the management of information security
• Improve the capacity for gap analysis, audit, and decision making in the context of information security management

Who should attend?

Information security professionals, such as consultants, auditors, managers, engineers and administrators

Course outline

• Overview of ISO/IEC 27001:2022
• Mapping with old ISO 27001:2013
• Relationship with ISO 27002 (ISO 17799)
• Relationship with ISO 9001 and ISO 14001
• Three-stage audit process for certification
• Pre-certification audits and certification
• Scope and definition of ISMS
• What you have currently in place and its assessment
• 4 new control ISO 27001 requirements and gap analysis
• Security policies, standards, procedures, and guidelines
• Security control objectives and controls
• Establishing, monitoring, and reviewing the ISMS
• Corrective and preventive actions

