Information Security Management System Implementer

• To understand the implementation of the Information Security Management by adhering to the framework and principles of ISO 27001
• To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of a Information Security Management
• To understand the relationship between the components of a Information Security Management, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• To acquire the necessary expertise to support an organization in implementing, managing and maintaining Information Security Management as delineated in ISO 27001
• To acquire the necessary expertise to manage a team implementing Information Security Management
• To develop the knowledge and skills required to advise organizations on best practices in the management of Information Security Management
• To improve the capacity for analysis and decision making in the context of the management of Information Security Management

• Knowledge of the following Information Security Management principles and concepts:
• The Plan, Do, Check, Act (PDCA) cycle
• To understand the relationship between the components of a Information Security Management, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• The relationship between Information Security Management and customer satisfaction
• Commonly used Information Security Management terms and definitions and the Principles as given in the ISO Standard
• The process approach used in Information Security Management
• Information / Cyber Security Management System, the structure and content of ISO 27001

DAY 01

• Introduction
• ISO Standard briefing
• Information Security Management System History
• Introduction of Different Information and Cyber Security Management Frameworks and Standards
• Introduction to the principles of ISO 27001
• Information Security Management System Framework

DAY 02

• Information Security Management processes based on ISO 27001
• Methodology of the Information Security Management Criteria and Mitigation
• Information Security Risk Identification, Analysis & Evaluation
• Risk Treatment – Planning, monitoring, recording and reporting

DAY 03

• Mandatory Requirements for Information Security Management
• Internal Audit Process according to ISO 19011
• Audit Planning, execution, Reporting & Follow-up

• Project managers or consultants wanting to prepare and to support an organization In the implementation of Information Security Management
• Implementer / Auditors / Managers who wish to fully understand the Information Security Management implementation and Risk bases Audit process
• CxO and Senior Managers responsible for the Information Security Management / Corporate Governance / Compliance
• Members of groups monitoring the resources within the organization
• External business or technical specialists, such as legal or accounting specialists, retail associations, or professional bodies
• Vendors of hardware, software, communications and other IT products
• Internal and external service providers (including consultants)
• Members of an information security and/or IT team
• Expert advisors in information technology
• Technical experts wanting to formalize, amend, and/or extend the organizations IT-related objectives