By the end of this course, delegates will be able to:

• Be familiar with the basics of information security
• Understand the fundamentals of information security
• Know the interrelationships between ISO/IEC 27001 and the other information security standards (ISO 27002, ISO 27003, ISO 27004, and ISO 27005)
• Know the key components of an information security management system (ISMS) in accordance with ISO/IEC 27001
• Introduce the concepts, approaches, standards, methods and techniques allowing to effectively manage an ISMS
• Understand the relationship between an information security management system, including risk management, controls and compliance with the requirements of different stakeholders of the organization
• Understand the stages of the ISO/IEC 27001 certification process
• Know what an information security management system (ISMS) is and how it can help business
• Understand the development, history, and current status of ISO 27001
• Understand the registration process
• Estimate costs and resources to implement an ISMS
• Understand the available information security controls

Managers, Team Leaders, Line Managers, Superintendents, OE Champions, Quality and Project Managers, Supervisors, Executives, Internal and External Auditors, Members of IT Team, Health & Safety Managers, Risk Managers, Business Process Owners, Business Finance Managers, Business Risk Managers, Regulatory Compliance Managers, Project Managers, Continuity, Risk, Quality, IT and Environmental Managers, Anyone involved in the system development, implementation and maintenance, Regulatory Affairs Managers, Consultants, Anyone involved in  implement an EMS implementation and maintenance, Technicians involved in operations related to an ISMS, Anyone who is involved in ISO standards, IT Professionals wanting to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS), Staff involved in the implementation of the ISO/IEC 27001 standard, Expert advisors in IT, CEO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks

This interactive Training will be highly interactive, with opportunities to advance your opinions and ideas and will include;

• Lectures
• Workshop & Work Presentation
• Case Studies and Practical Exercise
• Videos and General Discussions

• Fundamental principles of information security
• Overview of what is meant by ISMS and the basic constituents of an ISMS
• Introduction to the ISO 27000 standards family Introduction to management systems and the process approach
• General requirements: presentation of the clauses 4 to 8 of ISO/IEC 27001
• Implementation phases of the ISO/IEC 27001 framework
• Introduction to risk management according to ISO/IEC 27005
• Continual improvement of information security
• Presentation of the standards ISO 27001, ISO 27002 and ISO 27003 and regulatory framework
• Explanation of how an ISMS can help 
• General requirements: presentation of the clauses 4 to 8 of ISO 27001
• Identifying and evaluating assets
• Defining the scope of an ISMS
• Development of an ISMS and information security policies
• Selection of the approach and methodology for risk assessment
• Risk management: identification, analysis and treatment of risk 
• Drafting the statement of applicability (SoA)
• Implementation phases of ISO 27001 framework
• Implementation of a document management framework
• Principles and design of information security controls
• Writing procedures
• Implementation of controls
• Incident management
• Operations management of an ISMS
• Conducting an ISO/IEC 27001 certification audit
• Documentation of an information security control environment
• Monitoring and reviewing the information security controls
• Development of metrics, performance indicators and  dashboards
• ISO 27001 internal audit
• Management review of an ISMS 
• Continual improvement of information security
• Implementation of a continual improvement program
• Preparing for an ISO 27001 certification audit
• Conducting an ISO 27001 certification audit
• Examples of  implementation of information security controls based on ISO 27002 best practices

BTS attendance certificate will be issued to all attendees completing minimum of 80% of the total course duration.