ISMS Lead Implementer based on ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003
Module 1: To create an awareness of information security and understand key concepts of ISMS.
Module 2: To understand the risk assessment and risk treatment process which is aligned with ISO 31000.
Module 3: Provide guidance on the generic implementation of the clauses of ISO/IEC 27001 requirements.
Module 4: Provide guidance on the generic implementation of the Annex A controls of ISO/IEC 27001 requirements.
Who Should Attend?
- Security professionals, Infosec team members and consultants who have a role in establishing, implementing, maintaining and improving an ISMS in an organization.
- Project managers managing IT projects.
Course Agenda
Module 1:
- ISMS concepts and benefits.
- Information and its classification schemes.
- Importance of information security framework.
- Requirement standard and guideline - Differences.
- ISO 27000 series of standards.
Module 2:
- Understanding context of the organization, interested parties, scope of ISMS and risk.
- Components of risk assessment and its relationships.
- Risk assessment process (risk identification, risk analysis, risk evaluation, pitfalls of risk assessment)
- Risk treatment process (Risk treatment options, risk treatment plan, Controls and its type, Statement of Applicability)
Module 3 (Based on ISO/IEC 27003):
- Generic implementation of the ISO/IEC 27001 clauses in:
  - Plan phase (Clauses 4, 5, 6, 7) - Context of the organization, Leadership, Planning, Support
  - Do phase (Clause 8) - Operations
  - Check phase (Clause 9) - Performance evaluation
  - Act phase (Clause 10) - Improvement
Module 4 (Based on ISO/IEC 27002):
- Structure of ISO/IEC 27002 (Security domains, control objectives, controls)
- Generic implementation of the Annex A controls of ISO/IEC 27001.
Course Description
The ISMS implementer course provides guidance for implementing an effective Information Security Management System (ISMS) within an organization. This course comprises four modules.
Module 1 (60 mins): Awareness in ISMS.
Module 2 (120 mins): Risk assessment and management.
Module 3 (180 mins): Implementation guidelines for ISMS based on ISO/IEC 27003
Module 4 (180 mins): Implementation guidelines for ISMS based on ISO/IEC 27002
Methodology
The course employs a variety of training tools such as content-embedded assessment, simulations, and other interactive exercises to enhance instructional delivery. Easily accessible via your preferred choice of device, the course allows you to log in and learn whenever, wherever. You will be required to pass an assessment to receive your recognised e-certificate with a unique ID.
Learning Assessments
Participation certificate awarded upon passing the final assessment.
Course Material
Module 1
- ISMS concepts and benefits.
- Information and its classification schemes.
- Importance of information security framework.
- Requirement standard and guideline - Differences.
- ISO 27000 series of standards.
- Structure of ISO/IEC 27001 international standard.
Module 2
- Understanding the context of the organization, interested parties, scope of ISMS and risk.
- Components of risk assessment and its relationships.
- Risk assessment process (risk identification, risk analysis, risk evaluation, pitfalls of risk assessment)
- Risk treatment process (Risk treatment options, risk treatment plan, Controls and its type, Statement of Applicability)
FAQs
System requirements
Supported browsers include:
- Chrome
- Safari
- Internet Explorer
- Firefox
Additional requirements include:
- A high-speed internet connection will provide best results.
- An email address is required to register for courses.
- Microsoft Media Player or equivalent is needed to play audio and video files.
- Flash Player is used for content and interactive learning. If necessary, download and install Flash Player to ensure proper operation of course content.
What is included with the course?
Each course will include access to e-learning content, quizzes, and proof of completion. Additional resources may also be included, and this will vary by course.
Can I pause the course and log in to it anytime?
Certainly. The course allows the learner to take a break and return to it within the defined access period (typically 365 days).
Are there any quizzes in the middle of the course?
Our e-learning courses are designed to promote interaction between learner and content and often include quizzes. Quizzes are designed to help understand where successful learning has been achieved, and where opportunities for additional review exist.
Can I get a refund if I cancel my enrollment?
Refunds cannot be provided once a course is activated. Please be sure to review course information prior to activation.
What happens if I don’t finish the course within the access period?
The standard access period is 365 days to allow sufficient time to complete your course.
If you have questions, or require assistance, you may reach us at [email protected]