ArabicChinese (Simplified)DutchEnglishFrenchGermanItalianPortugueseRussianSpanish

ISO 27001

ISO 27001 Training

If there is any discussion about ISO 27001 in your organization, or you think you may have contact with information security and certification in the future, it’s a good idea to take this course. In only 2 days, you’ll have a full overview of ISO 27001.

There are many situations in which this course can be useful:

  • your organization  is working on or has completed measures to support GDPR
  • ISO 27001 is being considered
  • ISO 27001 program might be implemented and you might be asked to help or give inputs.

The successful completion of this course will give you knowledge about ISMS (ISO/IEC 27001, Information Security Management Systems) requirements. GIGC is known for its pragmatic approach and for its help to quickly approach matters that work well and matters that can be improved.  Several ways of working and standard procedures will be shown. We also supply ‘Best Practice’ sample documents, so you’ll be a fast starter in any ISO 27001 project.

There is preparation homework (mostly reading) which you will receive one week before the course. The course is taught regularly in our training location in UK. The training is taught in English written materials.

Who should attend?

This is intended for those who will be involved in implementation an ISMS that conforms to latest ISO/IEC 27001 in any organization. Suggested job functions and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Learning objectives

  • Understand the ISMS requirements
  • Understand the information security risk management process, controls objectives and controls

Course benefits

  • Your organization will have an internal resource and process to plan and establish an ISMS
  • Improve your knowledge on ISMS.
  • Support the organization to protection the sensitive data, i.e. personal data, trade secret, to compliance with legal, legislation and governance requirements
  • Understand the gaps between existing ISMS and international standards

Course outline

Dag 1, Information security management systems knowledge (ISO 27001)

  • Terms and definitions
  • Management system structure (MSS) and process approach (PDCA)
  • Understanding of organization, interested parties and their requirements
  • Management system scoping
  • Top management leadership, management system policy and objectives
  • Support the management system

Dag 2, Information security risk management 

  • Information asset management (asset register, asset owner)
  • Information security risk management requirements and process
  • Risk assessment (identify the risk, risk owner, risk analysis and risk evaluation)
  • Risk treatment (treatment options, Statement of Applicability(SoA), risk treatment plan)
  • Management system operation
  • Documented management system (standard requirements and from the organization)
  • conclusive

What’s included?

  • Course material
  • Course certificate

Contact Us