ISMS Lead Implementer based on ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003

Module 1:

• ISMS concepts and benefits.
• Information and its classification schemes.
• Importance of information security framework.
• Requirement standard and guideline - Differences.
• ISO 27000 series of standards.

Module 2:

• Understanding context of the organization, interested parties, scope of ISMS and risk.
• Components of risk assessment and its relationships.
• Risk assessment process (risk identification, risk analysis, risk evaluation, pitfalls of risk assessment)
• Risk treatment process (Risk treatment options, risk treatment plan, Controls and its type, Statement of Applicability)

Module 3 (Based on ISO/IEC 27003):

• Generic implementation of the ISO/IEC 27001 clauses in
• Plan phase (Clauses 4, 5, 6, 7) – Context of the organization, Leadership, Planning, Support
• Do phase (Clause 8) - Operations
• Check phase (Clause 9) – Performance evaluation
• Act phase (Clause 10) - Improvement

Module 4 (Based on ISO/IEC 27002):

• Structure of ISO/IEC 27002 (Security domains, control objectives, controls)
• Generic implementation of the Annex A controls of ISO/IEC 27001.

• Security professionals, Infosec team members and consultants who have a role in establishing, implementing, maintaining and improving an ISMS in an organization.
• Project managers managing IT projects.

None.

The course employs a variety of training tools such as content-embedded assessment, animations, and other interactive exercises to enhance instructional delivery. Easily accessible via your preferred choice of device, the course allows you to log in and learn whenever, wherever.

Participation certificate awarded upon passing the final assessment.

540 Minutes.

For more information, please see the Frequently Asked Questions (FAQ) on e-learning courses.