The purpose of computer security is to protect an organization’s valuable resources, such as information, hardware, and software. This course is designed to provide participants with a fundamental understanding of the internationally recognized ISO 27001:2005 Information technology — Security techniques — Information security management systems — Overview and vocabulary. The elements of the standard are covered in detail, with special emphasis on the various ways that manufacturing or service organizations can meet the requirements.
Taught as a traditional classroom seminar, this two-day course gives participants an opportunity to learn through the examination of real-life case studies, breakout sessions, and classroom discussions.
- Understand the computer security standards
- Understand how the standards are applicable to their organization
- Know the benefits & costs of registration
- Become familiar with alternative approaches to registration
- Know how to create the required documentation
- Understand the concepts of how to maintain the registration
- Be ready to implement ISO 27001
What You Will Learn
Fundamentals of ISO 27001:
- Definition of Security
- Security Management System Standard
- Why ISO 27001?
- When to pursue ISO 27001?
- Benefits—tangible and intangible
- How ISO 27001 integrates with your overall company improvement program
- Typical costs
- Initial registration
- On-going maintenance
- History of ISO 27001
- Applicable standards & guidelines
- The registration process
- Internal and external audits
- How to achieve registration
- Creating the overall project plan
- Project timeline
- Differing approaches to registration
- Rapid vs. slow approach
- Developing documentation
- Implementing the requirements
- Conducting audits
- Using a consultant
- Typical consultant approaches
- Selecting the consultant that’s best for you
- Measuring consultant performance
- Review of the elements of ISO 27001
- Examples of ISO 27001 documentation
- Post-registration marketing strategies
- Obstacles to ISO 27001 registration
- Strategies for overcoming obstacles
This course is primarily targeted at people who have computer security responsibilities. Other people who may consider attending include management personnel and/or owners of companies that are interested in ISO 27001.