ISO 27001 Implementation

ISO 27001 Implementation Training Course

The 3-Day ISO 27001 Implementation training course provides a meticulous look into the ISO 27001:2013 Information technology — Security techniques — Information Security Management Systems — Requirements International Standard, focusing on three areas:

  • The foundation of ISO 27001:2013 based on the common framework, the High Level Structure (HLS), common text and common terminology adopted by all ISO standards.
  • In-depth overview of each clause of the ISO 27001:2013 standard, explaining what the standard says, what the standard means, how to apply the standard in the real world, and how to audit it.
  • In-depth overview of Annex A, reviewing each control objective within the 14 control categories.

The course is filled with practical exercises and real application examples, to help participants develop a hands-on understanding that will facilitate the implementation of a world-class Information Security Management System.

Learning Objectives

At the end of the course, participants should have the knowledge and understanding of the following:

  • The common framework of the ISO management system standards, including the High Level Structure
  • The seven (7) Quality Management Principles that rule all ISO standards
  • How to apply the Process Approach to identify the organization’s core and support processes
  • How to build an Information Asset Register
  • The definition of Risk Assessment, Risk Evaluation, and Risk Treatment; the identification of risk and threats, and the creation of a Treatment Plan.
  • The necessary steps to implement a brand new Information Security Management System
  • The certification process
  • Each of the ISO 27001:2013 standard clause requirements
  • Each of the Controls and Control Objectives of Annex A

The duration of this course is three days, as follows:

  • Day 1: 8:30 AM to 4:30 PM CST
  • Day 2: 8:30 AM to 4:30 PM CST
  • Day 3: 8:30 AM to 4:30 PM CST

This course has:

  • A practical examination, completed and graded at various stages throughout the duration of the class.
  • A final test, completed and graded at the end of the class.

A Certificate of Completion is provided to all participants at the end of the class.

The ISO 27001:2013 Internal Auditor training course does not have any prerequisite courses.

For individuals with little or no previous knowledge of ISO 27001 or Information Security Management Systems who would like to maximize their knowledge, we recommend Mireaux’s Fundamentals of Document Control class as a preamble and introduction to management systems. Check our suggested Training Tracks for additional information.

Students receive comprehensive course manuals with reference materials, including:

  • Presentation information
  • Case studies
  • Workshop exercises
  • Forms used throughout the course
  • Training copy of the standard and Annex A

The topics in this course include:

  • Background and History of ISO
  • ISO Common Framework
  • ISO Quality Management Principles
  • The Process Approach
  • Information Security, Risk Assessment and Asset concepts and definitions
  • Certification process
  • Detailed overview of the ISO 27001:2013 standard:
    • Clause 4: Context of the organization
    • Clause 5: Leadership
    • Clause 6: Planning
    • Clause 7: Support
    • Clause 8: Operation
    • Clause 9: Performance Evaluation
    • Clause 10: Improvement
  • Control Objectives and Controls of Annex A
    • A.5 Information security policies
    • A.6 Organization of information security
    • A.7 Human resource security
    • A.8 Asset management
    • A.9 Access control
    • A.10 Cryptography
    • A.11 Physical and environmental security
    • A.12 Operations security
    • A.13 Communications security
    • A.14 Systems acquisition, development and maintenance
    • A.15 Supplier relationships
    • A.16 Information security incident management
    • A.17 Information security aspects of business continuity management
    • A.18 Compliance

Testimonials

Product Description: Internal Audit against ISO 27001 – Gap Assessment (2018).

We had a great experience with Mireaux Management Solutions and will be using their services again at some point in the not-too-distant future.

Kevin Hargrove
Amphora Inc.

Sindi is obviously very knowledgeable. She was also kind, courteous and professional. Excellent experience.

Cindy Bibbs
Amphora Inc.

Amphora Inc. ISO 27001 - Gap Assessment (2018) February 28, 2019
