PECB Certified ISO/IEC 27001 Lead Implementer
Information security threats and attacks increase and improve constantly. The best form of defence against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties. This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement. After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Eesmärk
The main requirement for participating in this training course is having a general knowledge of the ISMS concepts and ISO/IEC 27001.
Sihtgrupp
Managers or consultants involved in and/or concerned with the implementation of an information security management system in an organization, Project managers, consultants, or expert advisers seeking to master the implementation of an information security management system; or individuals responsible to maintain conformity with the ISMS requirements within an organization, Members of the ISMS team
Osalemise eeldused
Technology needed for the course: Computer with internet browser. Those who do not have the necessary computer can rent it by agreement with BCS Training. Please inform the training company in advance.
Koolituse sisu
- Day 1: Introduction to ISO/IEC 27001 and initiation of an ISMS implementation
- Training course objectives and structure
- Standards and regulatory frameworks
- Information security management system based on ISO/IEC 27001
- Fundamental concepts and principles of information security
- Initiations of the ISMS implementation
- Understanding the organization and its context
- ISMS scope
- Day 2: Implementation plan of an ISMS
- Leadership and project approval
- Organizational structure
- Analysis of the existing system
- Information security policy
- Risk management
- Statement of Applicability
- Day 3: Implementation of an ISMS
- Selection and design of controls
- Implementation of controls
- Management of documented information
- Trends and technologies
- Communication
- Competenece and awareness
- Management of security operations
- Day 4: ISMS monitoring, continual improvement, and preparation for the certification audit
- Monitoring, measurement, analysis and evaluation
- Internal audit
- Management review
- Treatment of nonconformities
- Continual improvement
- Preparation for the certification audit
- Closing of the training course
Õpiväljundid
By the end of this training course, the participants will be able to: explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001; interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an implementer; initiate and plan the implementation of an ISMS based on ISO/IEC 27001, by utilizing PECB’s IMS2 Methodology and other best practices; support an organization in operating, maintaining, and continually improving an ISMS based on ISO/IEC 27001; prepare an organization to undergo a third-party certification audit.
After the training participant can take the international certificate exam which is included in the price of the course. Assessment criteria: After successfully passing the exam, you can apply for one of the credential leading you to the international certification. You will receive the ISO/ IEC 27001 certification once you comply with all the requirements related to the selected credential.
Lisainfo
This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS. The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises. The exercises are based on a case study. The structure of the quizzes is similar to that of the certification exam. Study methods: You can participate in the study by joining the training through the online environment. Instructions will be sent to you prior to the training. The volume of training is 32 hours incl. 21 hours of practical exercises in the training environment. Completion of training: A graduate of the training receives a course certificate if one performs all the practical exercises given during the training. Participants who have not achieved the learning outcomes will be issued a certificate of participation in the training upon request.