ISO/IEC 27001:2013 Information Security Management Systems Implementation Course
About
This 3-day training, will provide learners the component parts of the standard, how to define and risk assess information assets in a way suitable to your organization, and the essential requirements of obtaining ISO 27001 certification.
Starts
Mar 11, 2020, 07:30
Ends
Mar 13, 2020, 16:30
Location
Makati, Philippines

TUTOR'S PROFILE
TBD
DESCRIPTION
On this 3-day practical ISO 27001 course, you will learn the component parts of the standard, how to define and risk assess information assets in a way suitable to your organization, and the essential requirements of obtaining ISO 27001 certification.On this 3-day practical ISO 27001 course, you will learn the component parts of the standard, how to define and risk assess information assets in a way suitable to your organization, and the essential requirements of obtaining ISO 27001 certification.
OBJECTIVES
WHAT YOU WILL LEARN:
- The component parts of the Standard.
- How to manage information security.
- How the individual components of the process fit together.
- How to treat implementation as a project.
- Common pitfalls.
- How to define and risk assess “information assets”.
- How to manage risks in a way suitable to your organization.
- The essential requirements for obtaining auditor approval, i.e. certification.
COURSE CONTENT:
- ISO 27001 Requirements.
- What the Information Security Management System (ISMS) is and what it is trying to achieve.
- Identifying Information Assets.
- Undertaking a Risk Assessment.
- Managing Risk.
- Internal Auditing.
AUDIENCE
Before beginning this course, we recommend that delegates have knowledge of:
A. Management systems
- In particular, an understanding of the Plan-Do-Check-Act (PDCA) cycle.
B. Information Security Management
- A basic knowledge of the concepts of information security management and an understanding of commonly used information security management terms and definitions, as given in ISO/IEC 27000.
Note:
- Participants should be committed to Information Security Management as a concept. Prior knowledge of BS7799-2:2002 is an advantage.
- SGS will not provide company specific advice towards the development and implementation of the management systems for eventual certification, which contravenes the requirements of the IAF Guidance (i.e. provision of consultancy services).