Information is a valuable asset and a key building block which is crucial for success and to maintain credibility of any organization, hence it needs to be suitably protected like any other important business asset. If the protection to this asset is compromised, the organization may be exposed to a wide range of threats that may exploit existing vulnerabilities and cause damage which may lead to brand image erosion, business disruption, financial and productivity loss etc.
This training course is structured to provide an understanding of ISO/IEC 27001:2013 requirements in the context of auditing which are coupled with exercises and case studies. It is also designed to equip participants with the knowledge and skills needed to internally assess and report on the level of conformance to requirements and the level of effective implementation of information security management systems (ISMS) to protect organizations from risk.
At the end of the awareness program, the delegate will be able to
Understand the purpose of an Information Security Management System
Explain the principles of Information Security Management System.
Understand the risks associated with their systems and prepare themselves to defend them.
Prepare and advice their organization before third party assessment.
Contribute to the development and improvement of their organization’s Information Security Management System.
Raise awareness by training and educating everyone who interacts with computer networks, systems, and information in the basics of information security.
Introduction to Information Security Management System based on ISO 27001:2013 standard
Overview on ISMS standard Requirements including controls
Purpose and Benefits of Information Security Management System
Risk Assessment and Management concepts
The Vulnerabilities, Threats and Risks that exists in the context of Information Security
The Domains of Information Security Management System
Who Should Attend?
Information Security Practitioners
Chief Information Security Officer
Information Security Managers
Professionals responsible for Information Security practices
ISO 27001 Implementation Teams
Any personnel who wish to pursue a career in the field of Information Security
Any personnel who has a role to play in the implementation of Information Security Management System