ISO 27001 Lead Implementer Training Course

Mastering the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001.

This two-days intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. 

This training is consistent with ISO/IEC 27032 (Guidelines for cybersecurity), ISO/IEC 27003 (Guidelines for the Implementation of an ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

In this two day ISO 27001 Lead Auditor course Tecknologia’s experienced tutors will teach you how to lead, plan, execute and report on an audit of an ISMS in an organization.

Tutors on our ISO 27001 Lead Auditor course will expand on delegate’s existing knowledge of the standards and develop their skills and ability to lead a team to conduct audits of a ISMS to the standard.

This ISO 27001 Lead Auditor course will help delegates gain a professional qualification that certifies that they have the knowledge and skills to be able to lead a team to conduct an audit of an ISMS in any organization.

Our ISO 27001 Lead Auditor course focuses on helping professionals and their organisations in improving protection of confidential data to meet market assurance and corporate governance needs.

Participants should expect to gain understanding in the following areas after successful completion of this workshop:

• To acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
• To master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS
• To learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization
• To learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS
• To acquire the expertise to advise an organization in implementing Information Security Management System best practices

Course Outline:

• Introduction to Information Security Management System (ISMS)
• Course objectives and structure
• Standards and regulatory frameworks
• Information Security Management System (ISMS)
• Fundamental principles of Information Security Management Systems
• Initiating the implementation of an ISMS
• Understanding the organization and clarifying the Information Security objectives
• Analysis of the existing management system
• Planning the implementation of an ISMS based on ISO/IEC 27001
• Leadership and approval of the ISMS project
• ISMS scope
• Information Security policies
• Risk assessment
• Statement of Applicability and top management`s decision to implement the ISMS
• Definition of the organizational structure of Information Security
• Implementing an ISMS based on ISO/IEC 27001
• Definition of the document management process
• Design of security controls and drafting of specific policies & procedures
• Communication plan
• Training and awareness plan
• Implementation of security controls
• Incident Management
• Operations Management
• ISMS monitoring, measurement, continuous improvement
• Monitoring, measurement, analysis and evaluation
• Internal audit
• Management review
• Treatment of non-conformities
• Continual improvement
• Preparing for a certification audit
• Preparing for the certification audit
• Competence and evaluation of implementers
• Closing the training