
ISO 27001 Training Dubai | Syzygal


Course content

This course will ensure delegates understand the value to the business of the ISO/IEC 27001:2013 standard. There is an in-depth review of the key concepts and activities needed to properly plan for the implementation, management and improvement of an Information Security Management System. The course also ensures a thorough understanding of associated activities, roles, responsibilities, challenges, risks and critical success factors:

• Best practice in Information Security Management and how to apply this within your organisation
• Scope and purpose of the ISO/IEC 27001 standard and how it can be implemented within an organisation
• Understand the key terms and definitions used in ISO/IEC 27001
• Leverage the fundamental ISO/IEC 27001 requirements for an ISMS to address the need to continually improve
• Recognise the purpose of internal audits and external certification audits, their operation and the associated terminology
• Apply your knowledge to business scenarios to enhance control of information
• Establish a structured approach to information security management to secure information assets
• Improve information security through adoption of best practices
• Understand how ISO/IEC 27001 provides a competitive differentiator when tendering for business contracts
• Build reputation with secure management of confidential and sensitive information
• Demonstrate compliance with an internationally recognised standard and the ability to satisfy customer security requirements

This four-day course leads to the ISO/IEC 27001 Foundation and Practitioner certificates in IT Security Management. Candidates will be taken from foundational understanding through to a practical appreciation of how ISO/IEC 27001 applies to business issues and promotes better alignment with organisational security objectives. ISO/IEC 27001:2013 defines the requirements for an ISMS, which include: ISMS planning, support and operational requirements; leadership responsibilities; performance evaluation of the ISMS; internal ISMS audits; ISMS improvement; and control objectives and controls. Delegates will prepare for and sit both the foundation and practitioner examinations.

The course consists of short lectures, exercises, discussions, examination technique training and mock examinations, and includes invigilated examinations throughout the course.

Course profile

ISO/IEC 27001:2013 Foundation & Practitioner Training

www.syzygal.com | [email protected]

ISO/IEC 27001


Who should attend this course?

The ISO/IEC 27001:2013 combined Foundation and Practitioner course would suit candidates working in the following professions or areas:

• Both IT and business people will benefit from this course
• Those requiring a basic understanding of Information Security
• IT professionals or others working within an organisation that is aligned or planning to be aligned with the ISO/IEC 27000 suite of standards
• Anyone involved in or contributing to an on-going service improvement programme

Why ISO/IEC 27001?

ISO/IEC 27001 is an international standard that provides effective management of confidential and sensitive information and the application of information security controls. The standard provides a model for establishing, implementing, operating, reviewing, maintaining and improving an information security management system, with the design and implementation influenced by the organisation’s needs, objectives, information assets, security requirements, processes and other key organisational characteristics. It allows the demonstration of excellence and proves best practice in Information Security Management, helping achieve conformance in an information security management system, which requires continual improvement in control of confidential and sensitive information.

Setting a new standard

With consultants placed world-wide, Syzygal is a provider of professional development education, e-learning and consulting solutions. The foundation of our business model is specialisation in the areas of IT Service Management, Enterprise Governance, Project Management and IT Security Management. Our focus is on supporting and promoting world-renowned, industry-recognised frameworks and standards. In doing so we help our clients develop world-class, business-centric IT Services and business change environments. With a global reach, we can provide your organisation with innovative solutions to help navigate your business to tangible and measurable improvements through direct consultancy engagements or training and education services. Syzygal is a globally Accredited Training Organisation and Accredited Courseware Provider, holding accreditations with APMG, EXIN, Loyalist, PEOPLECERT and PMI (REP number 4033).

• Client-site and public training
• Self paced on-line e-learning
• Virtual instructor led training