ISO 27000 Foundation
Overview
ISO/IEC 27000:2018 provides an overview of information security management systems (ISMS), along with the terms and definitions commonly used across the ISMS family of standards. The ISO/IEC 27000 Foundation certification is for IT professionals who want to certify that they understand ISMS in line with ISO/IEC 27000. The certification test is based on the ISO/IEC 27000 International Standard.
Who Should Attend the ISO 27000 Foundation Course?
- Information Security Professionals
- Professionals who need an understanding of ISO/IEC 27000
- Candidates seeking personal certification
- Professionals who want an understanding of the standard
What You Will Learn in the ISO 27000 Foundation Course
- Quality Management
- ISO 20000 Positioning
- Using the Standard
- Processes
Our Package
- Scope of ISO/IEC 27000 series of standards
- Recognize industry standards/best practices in Service Management and Quality management systems, such as: ITIL®, Six Sigma, COBIT, ISO/IEC 9000, ISO/IEC 20000
- Recognize the content and correlation between ISO/IEC 27001:2005 and ISO/IEC 27002:2005
- Definition and need for Information Security and Information Security Management System (ISMS)
- Importance of an Information Security Management System (ISMS)
- Value and Reliability of Information
- Benefits and Critical Success factors of an Information Security Management System (ISMS)
- Management responsibility
- Confidentiality agreements
- Contact authorities and special interest parties
- Independent review of information security
- Addressing security when dealing with external parties
- Information Security Policy
- General ISMS requirements
- Structure of policies
- Establishing and managing ISMS
- Documentation requirements
- Management review of the ISMS
- ISMS improvement
- Defining ISMS scope, boundaries and ISMS policy
- Asset Management
- Risk Assessment and Treatment
- Information security aspects of business continuity management
- Human Resources Security: Prior to employment
- Human Resources Security: During employment
- Human Resources Security: Termination or change of employment
- Physical and Environmental Security: Secure areas
- Physical and Environmental Security: Equipment security
- Operational procedures and responsibilities
- Third party service delivery management
- System Planning and acceptance
- Protection against malicious and mobile code
- Back-up
- Network security management
- Media handling
- Exchange of information
- Electronic commerce services
- Monitoring
- Access control policy
- User access management
- User responsibilities
- Network access control
- Operating system access control
- Application and information access control
- Mobile computing and teleworking
- Security requirements of information systems
- Correct processing in applications
- Cryptographic controls
- Security of system files
- Security in development and support processes
- Technical vulnerability management
- Compliance with legal requirements
- Compliance with security policies and standards, and technical compliance
- Internal ISMS audits
- Reporting information security events
- Management of information security incidents and improvements
Upcoming Batch
April 20th (Weekends)
FRI & SAT (4 Weeks)
08:30 PM to 01:00 AM (CDT)
April 18th (Weekdays)
MON – FRI (18 Days)
10:00 AM to 12:00 PM (CDT)
Prerequisites
There are no prerequisites for this course. Participants are encouraged to have a basic knowledge of information security management concepts and terminology.