This course will ensure delegates understand the value of the ISO/IEC 27001:2013 standard to the business. It reviews in depth the key concepts and activities needed to properly plan for the implementation, management and improvement of an Information Security Management System (ISMS). The course also ensures a thorough understanding of the associated activities, roles, responsibilities, challenges, risks and critical success factors:
- Best practice in Information Security Management and how to apply this within your organisation
- Scope and purpose of the ISO/IEC 27001 standard and how it can be implemented within an organisation
- Understand the key terms and definitions used in ISO/IEC 27001 to effectively roll out the principles
- Leverage the fundamental ISO/IEC 27001 requirements for an ISMS to address the need to continually improve
- Recognise the purpose of internal audits and external certification audits, their operation and the associated terminology
- Apply your knowledge to business scenarios to enhance control of information
- Establish a structured approach to information security management to secure information assets
- Improve information security through adoption of best practices
- Understand how ISO/IEC 27001 provides a competitive differentiator when tendering for business contracts
- Build reputation with the secure management of confidential and sensitive information
- Demonstrate compliance with an internationally recognised standard and the ability to satisfy customer security requirements