Foundation / Practitioner
The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organisation’s electronic and physical information resources.
ISO/IEC 27001:2013 is the most widely recognised international standard specifically aimed at information security management. It provides:
- globally-accepted best-practice framework for the protection
of information assets
- assurance to external customers who increasingly are demanding evidence of security and compliance.
This certificate course is fully accredited by APMG and is based on the most recent (2013) version of the ISO/IEC 27001 standard. It comprises both a Foundation and a Practitioner module which can be taken separately or combined, according to needs.
The Foundation module (2 days) is designed for anyone who needs an overview of the Standard and an appreciation of what comprises best practice in an Information Security Management System.
The Practitioner module (3 days) builds on this knowledge to give participants a deeper understanding about how to actually apply the standard for implementation, management and improvement.
ISO/IEC 27001 is the international standard that provides the basis for effective management of confidential and sensitive information and the application of information security controls.
It enables organisations to demonstrate excellence and prove best practice in information security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.
Certified individuals help their organisations to:-
- Adopt and demonstrate compliance with a structured, internationally recognised approach to information security management;
- Improve the storage, processing and transfer of business and customer information, protecting confidential and sensitive information;
- Achieve a competitive differentiator for tendering and procurement;
- Ensure information security practices are ready for the scrutiny of internal and external audits.