Designed for people assigned to implement an ISMS in practice, e.g. managers already involved with control of another management system, and consultants.


To give an understanding of:

  • What an information security management system (ISMS) is and how it can help business
  • Why companies are going for registration to ISO 27001:2013
  • The basic registration process
  • Where to get help and information
  • Where to start to implement a system
  • The ISO 27001 standard and its documentation requirements
  • Risk assessment
  • To identify the requirements for an ISMS
  • To explain the tools used to meet the requirements
  • To assist people in attaining the skills to be able to implement an effective ISMS
  • The relationship between ISO/IEC 17799:2000 & ISO 27001:2013
  • The control objectives in ‘Annex A’
  • A statement of applicability and a risk treatment plan
  • The audit process utilising a risk treatment plan

Course content

  • Overview of what is meant by ISMS and the basic constituents of an ISMS
  • Explanation of how an ISMS can help
  • Overview of the requirements of ISO 27001:2013 and the potential benefits
  • Implementation of an ISMS, including setting and reviewing ISMS policy, procedures required by the standard
  • Identifying and evaluating assets
  • Vulnerabilities associated with these assets, risk assessment
  • Annex A, control objectives, risk treatment plan & statement of applicability

What should have been learnt

  • How to start implementing an ISMS practically
  • Some of the tools and documentation used to achieve results within an ISMS
  • The benefits of an information security management system to the business.



Course dates & locations

| Date (from - to) | Location | Price |
|---|---|---|
| 17/10/2017 | Surrey | £425 |
| 27/10/2017 | Manchester (additional course due to high demand) | £425 |
| 28/11/2017 | Manchester | £425 |
| 28/11/2017 | Milton Keynes | £425 |