ISMS – Information Security Management Systems – 2 days

ISMS – Information Security Management Systems – ISO 27001:2013. The information presented in this two-day course forms the basis for a systematic and integrated approach to auditing an Information Security Management System (ISMS). It also enables participants to gain an understanding of the requirements of all the elements in ISO/IEC 27001:2013.

The course examines the compatibility of ISMS with other management systems and explains the significant features of ISMS and the terminology & methodology used in the ISO/IEC 27001:2013 Standard. The Delegate Manual provides plain-English explanations, ISMS audit tools and sample checklists.

“ISMS is a systematic approach that ensures sensitive company information remains secure – your risk management process includes people, processes and systems and gives your customers confidence that you are deploying best practices”

Key Learning Objectives

  • The intent and the requirements of each clause and its relationship with the organisation’s operational information security requirements and legal compliance requirements
  • The documentation requirements, and how to analyse the interrelationships among various ISMS documents
  • How ISMS planning, policy, objectives and processes are implemented according to the ISO/IEC 27001:2013 standard and in relation to the context of the organization
  • The process of addressing improvements in the organization’s ISMS, and how to verify that identified improvements are effectively managed

Review Risk Assessment

  • Assess the effectiveness of an organisation’s information security Risk Assessment (RA) methodologies
  • Analyse the controls identified in the Statement of Applicability (SOA) and the controls of the ISO/IEC 27001:2013 Annex A as they apply to the treatment of risk
  • Assess the organisation’s operational control, information security RA and the implementation of the Risk Treatment (RT) plan
  • Evaluate RA and RT results to ensure they are appropriately identified within the organization’s SOA
  • Assess an organization’s monitoring, measurement, analysis and evaluation activities


