ISO 27001 Information Technology – Security Techniques – Information Security Management Systems (ISMS) .
This International Standard has been prepared to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving ISMS. ISO 27001:2013 (ISMS) is a structured and systematic approach to manage information and information assets of the organization by maintaining confidentiality, integrity and availability.
This 2/3 – Day training workshop is designed to provide thorough understanding of ISO 27001 (ISMS) along with its required process documentation, implementation guidance, monitoring (Management), internal auditing, certification and certification retention. This training workshop has been developed on successful ISMS implementation, certification and consultancy experiences (local and international) with different sized companies, banks and software houses. This training workshop also covers Risk Management (Tool Development Workshop), Business Continuity and Disaster Recovery Plan Development Exercise.
Quality Aim (QUALITY AIM) is an Information Security and Quality Engineering Company backed by consultants with security credentials such as ISO 27001 Lead Auditors, ISO 22301 Lead Auditor, ISO 9001, 27001, 20000 Internal Auditors and Appraisal Team Members (ATM) for CMMI and TMMI. Our team of consultants have decades of experience in the field of Quality Management, Testing, Information Security, Auditing, Process Improvement, Implementation, Consultancy and Trainings.
Abid Umar: has post graduate qualification in Computer Sciences and Business Administration. He has delivered more than 25 ISO 27001 Lead Implementer & Internal Auditor Training Courses in Pakistan, Saudi Arabia, Afghanistan and Dubai. He has 14 years of work experience in the field of Management System Development, Consultancy, Auditing, Information Security Mentoring, and Business Continuity Management.
Module 1 Introduction & Some Statistics of Information Security
Module 2 ISO 27001 – Information Security Management System
Module 3 Contents / Clauses of Information Security Management System
Exercise 2: ISMS Scope
Module 4 Differences in ISO 27001:2005 & ISO 27001:2013
Module 5 Domain 5: Information Security Policies
Exercise 3: Access Control Policy
Module 6 Domain 6: Organization of information security
Module 7 Domain 7: Human Resource Security
Exercise 4: User / Employee Exit Form
Module 8 Domain 8: Asset Management
Exercise 5: Asset Categorization
Module 9 Domain 9: Access Control
Module 10 Domain 10: Cryptography
Module 11 Domain 11 Physical & Environmental Security
Module 12 Domain 12: Operations Security
Module 13 Domain 13: Communications Security
Module 14 Domain 14: System acquisition, development & maintenance
Module 15 Domain 15: Supplier Relationships
Module 16 Domain 16: Information Security Incident Management
Module 17 Domain 17: Info Sec Aspects of Business Continuity Management
Module 18 Domain 18: Compliance
Module 19 Asset Risk Assessment (Risk Management)
Module 20 Policy and Procedure Development
Refresher Quiz & Exercise
Better organizational image because of the certification and continual improvement
Lower operational costs because of the avoided risks
Improved and smoother organizational operations
More secure and organized working environment
Improved capacity of disaster management
Transparency in accountability for asset owners
Better structuring of creating, managing, operating and updating business operations
Prevention from external / internal attacks / threats and so on
Thorough understanding of defining process(s)
CEOs or Senior Executive aspiring to gain customer confidence
Management Representatives, responsible for implementing ISO 27001
Network Administrator who needs to secure organizational Infrastructure
Members of Software Development & QA Teams, responsible for developing secure software or
ANY individual or group from banking sector, financial institution and academia who want to learn Information Security
Course reference manual, containing copy of course slides, supporting documents, exercises, case study, their solutions and certificates.
Course Certificates: Course Certificates will be awarded to the successful candidates.
For Registration and Fees: E-mail: firstname.lastname@example.org Ph: +92-322-4700-818