ISO 27001 (ISMS) Lead Implementer Course

ISO 27001 Lead Implementer course is a training program that enables people to develop the necessary expertise to support an organization in establishing, implementing, managing, and maintaining an Information Security Management System (ISMS).

The program is designed to provide professionals with the knowledge and skills to provide consulting services to organizations in the development and implementation of an ISMS based on the ISO 27001 standard. The course also covers the associated ISO 27002 Code of Practice for Information Security Management.

Participants in the ISO 27001 Lead Implementer course will learn about the requirements of an Information Security Management System (ISMS) and the best practices for its implementation.

It also covers the objectives, controls, management systems implementation and internal audit requirements of the ISO 27001 standard.

Participants will also gain experience in developing, issuing, monitoring and maintaining effective management system controls (e.g. business processes, policies and procedures).

Additionally, the course covers risk assessment and management methodology, designing control objectives and security requirements, secure system and application design, business continuance and disaster recovery planning, operational security, physical security, and data security.

Students who successfully complete the ISO 27001 Lead Implementer course will have the necessary knowledge and skills to help their organization implement a compliant and effective Information Security Management System.

Modules:

•  Module 1: Training course objectives and structure
•  Module 2: Standards and regulatory frameworks
•  Module 3: Information Security Management System (ISMS)
•  Module 4: Fundamental information security concepts and principles
•  Module 5: Initiation of the ISMS implementation
•  Module 6: Understanding the organization and its context
•  Module 7: ISMS scope
•  Module 8: Leadership and project approval
•  Module 9: Organizational structure
•  Module 10: Analysis of the existing system
•  Module 11: Information security policy
•  Module 12: Risk management
•  Module 13: Statement of Applicability
•  Module 14: Documented information management
•  Module 15: Selection and design of controls
•  Module 16: Implementation of controls
•  Module 17: Trends and technologies
•  Module 18: Communication
•  Module 19: Competence and awareness
•  Module 20: Security operations management
•  Module 21: Monitoring, measurement, analysis, and evaluation
•  Module 22: Internal audit
•  Module 23: Management review
•  Module 24: Treatment of nonconformities
•  Module 25: Continual improvement
•  Module 26: Preparing for the certification audit
•  Module 27: Closing of the training course