BSI's "Implementing ISO/IEC 27001:2005" course provides an overview of the latest techniques and examines issues surrounding Information Security Management System (ISMS). This course details the requirements for implementing a formal management system as specified in ISO/IEC 27001:2005 (formerly BS 7799-2:2002) and outlines information security issues including methods of control and countermeasures for threats. Experienced instructors lead students to help them understand the processes required to implement and manage information security. Exercises and discussions teach students how to implement controls and how to integrate ISMS activities with business and other security objectives.
Learning Objectives
- Understand the Specific Requirements for an ISMS
- Identify Uses of ISMS Controls
- Determine and Assess Risk to Information Security
- Determine the Value of Information Assets
- Understand the Design and Implementation of an ISMS
- Understand Definitions of Policies, Standards, and Procedures
- Recognize the Importance of Auditing and Reviewing an ISMS
- Understand ISMS Documentation
- Understand the Implementation Process
- Students should note that the course does require evening work
Course Materials
Students receive comprehensive course manuals with reference materials.
Who Should Attend
- IT Security Officers
- IT Managers
- Management Systems Managers
- Professionals involved in introducing ISO/IEC 27002:2005 and ISO/IEC 27001:2005 into an organization
- Chief Security Officers
- Information Security Consultants
Prerequisite
A prior review of ISO/IEC 27002:2005, ISO/IEC 27001:2005, or BS 7799-2:2002 and knowledge of information security practices is strongly suggested.
Next Steps
