ISO 27001:2013 Awareness Programme

Introduction
GENERATIONNEXT's ISO 27001:2005 Awareness Training Programme provides
an overview of the purpose and requirements of ISO 27001 as a tool for the
management of information security in the organisation. Our faculty explains the
clauses of ISO 27001:2005 in detail, providing a base for understanding the
elements of the Information Security Management System standard. Delegates learn by
participating in syndicate exercises and detailed discussions.

Objective
The ISMS awareness course is a one-day course covering the requirements of the ISO
27001:2005 standard, with examples drawn from the expertise of the faculty.
This training programme provides insight into the advantages of implementing an
Information Security Management System and the basic requirements of the
standard. By attending this programme, delegates will be able to:

Understand the purpose of an environmental management system and explain the
legislative framework relevant to an ISMS
Explain the purpose and intent of the ISO 27000 series of standards

Describe the ISO 27001 requirements

Content

Introduction
Introduction to Information security management concepts

ISO 27000 family of standards

ISO 27001:2005 Information Security Management System requirements

Syndicate exercise

Who Should Attend

Information security managers


Professionals who want to implement the standard

Professionals planning to attend higher level training courses like internal auditor
courses for Information Security Management System

Location
India

Duration

1 Day

INPUT OUTLINE

ISO/IEC 27001 is an information security management system (ISMS)
standard published by ISO & IEC
It specifies the requirements for establishing, implementing, operating,
monitoring, reviewing, maintaining and improving a documented
Information Security Management System (ISMS) within an organisation
It is designed to ensure the selection of adequate and proportionate
security controls to protect information assets

Session 1 (Time: 2 hours)
Information
Information Types
Information Lifecycle
What is information security?
Security elements
People
Processes
Technology
Information security is valuable because it
Information security definition

Session 2 (Time: 2 hours)
Security incidents cause
What is risk?
Risk relationships
Threat agent
Motive
Threat type and Example
Compliance
Objectives of Compliance
SOX
Where SOX is Applicable
BASEL II

Session 3 (Time: 2 hours)
ISO 27001
A brief history of ISO27k
Plan-Do-Check-Act
CONTROL CLAUSES
IMPLEMENTATION PROCESS CYCLE
Benefits
Information security vision
Who is responsible?
Corporate Information Security Policy
Physical security
Password Guidelines
Internet usage
E-mail usage
Security incidents
Responsibilities
ISMS 27001 Awareness Program
