People’s personal data, and how it is managed and protected, continues to be a hot topic of discussion.
This CQI IRCA certified course gives a thorough introduction to Information Security Management Systems (ISMS) along with the requirements of the implementation process. You will look at how an effective ISMS can benefit your organisation in the short, medium and long term.
- What an Information Security Management System is and how it can help your business
- Why companies want to be certified to ISO 27001:2013
- The registration process
- Implementing a system – where do we begin?
- The ISO 27001 standard and its documentation requirements
- Risk assessment
- What tools are used to meet the requirements of an ISMS
- Attain the skills to be able to implement an effective ISMS
- The relationship between ISO 27001:2013 and ISO/IEC 17799:2000
- The control objectives in ‘Annex A’
- The audit process utilising a risk treatment plan
- Overview of what is meant by ISMS and the basic constituents of an ISMS
- Explanation of how an ISMS can help
- Overview of the requirements of ISO 27001:2013 and the potential benefits
- Implementation of an ISMS, including setting and reviewing ISMS policy and the procedures required by the standard
- Identifying and evaluating assets
- Vulnerabilities associated with these assets, risk assessment
- Annex A, control objectives, risk treatment plan and statement of applicability
Those who are involved in or responsible for information security, data management, risk and compliance, IT services, human resources and any other business area that interacts with confidential data.