Course Description
Many organisations manage the security of their information according to the international standards ISO/IEC 27001 and ISO/IEC 27002. These standards are subject to recent changes and updates. In addition to a new structure and new measures of ISO/IEC 27002, the annex to ISO/IEC 27001 will also change, necessitating adjustments to information security management systems
This training gives you an overview of the updates and shows the main differences to the previous versions. The new measures are described in detail, and you will learn from practical examples how the changes can be integrated into the existing management system and effectively implemented. You can achieve this with the help of the new attributes.
Course Benefits
Understand and implement the most important changes:
- What current changes the two new standard editions entail.
- How the new requirements can be implemented in practice.
- How to prepare well for future audits today.
Who Will Benefit
- Information Security Officer (ISO/CISO)
- Information Security Officer/Responsible
- Information Security Consultants
- Senior managers and/or professionals from all types of organisations requiring understanding the changes of ISO 27001:2022
- Managers and staff, from all functions, who are or will be involved in preparing an information security management system ready for transition, as well as consultants and auditors
- Accredited auditors requiring the competency to audit Information Security Management systems
LEarning Objectives
Participants in this training will:
- Develop an understanding of changes to the ISO 27001:2022 Information Security Standard, including the changes to the Annex A controls from ISO 27002:2021 that provide guidelines on choosing, implementing, and managing information security controls.
- Learn how to implement the new requirements of ISO 27001.
- Acquire skills on how to use the new tools in ISO 27002 such as attributes to better manage your Annex A controls.
Course Agenda
- Changes to ISO/IEC 27002 compared to the previous version
- Amendments to Annex A of ISO/IEC 27001
- Relationship between ISO/IEC 27002 and ISO/IEC 27001
- Detailed description of the new security measures and their implementation
- Attributes as a tool for structuring and implementing Security measures
- Implementation of the measures in practice
- Further consequences of the changes, influence on Statement of Applicability,
- Preparation for audits and certification procedures