Information Security Foundation based ISO/IEC 27001 (ISFS)

Description

The ISO27002 standard was formerly known as the ISO17799 standard, and is a code of practice for information security. It outlines eleven security categories, with several control objetives and a wide range of controls. They may be implemented under the framework provided within ISO 27001. It outlines hundreds of potential controls and control mechanisms and may be implemented under the guidance provided within ISO27001. The ISO27001 standard may be used for the design of the information security process and contains the requirements of an Information Security Management System (ISMS). The ISO27002 standard, which is also known as the “Code for Information Security” or the “Code of Practice,” contains control measures for various topics in the field of information security. The ISO27002 standard covers organizational, procedural, physical, technical and logical aspects of information security.

Benefit

Objectives Through the interactive sessions and practical experiences, this course presents the following concepts: • Information and security: Basic concepts, the value of the information and the importance of its reliability • Threats and risks: The relationship between threats and reliability • Approach to the organization of the Information Security Policies • Security measures: Organizational, procedural, physical, technical and logical aspects • Legislation and regulations: Its importance and compliancy implications • Design and implementation of the ISMS according to the ISO27001 standard • Certification of the ISMS according to the ISO27001 standard

Content

-

Course

Methodology

1
Presentation
2
Discussion
3
Practice Activities
4
Case Studies

Evaluation

1
Pre test
2
Post test

Duration

5 Days

Target Audience

This is an introductory course for everyone in an organization who is involved with the information management lifecycle. The module is also suitable for small independent businesses for which some basic knowledge of information security is necessary. This module may be a good start for new information security professionals

Schedule

Nov 2017
20-24