Lead Implementer Training

ISO 27001:2013 Information Security Management Systems (ISMS)


"Organizations and their information systems and networks are exposed with security THREATS such as fraud, espionage, fire, flood and sabotage from a wide range of sources. The increasing number of security breaches has led to increasing information security concerns among organizations worldwide. ACHIEVING INFORMATION SECURITY is a huge challenge for organization as it CANNOT BE ACHIEVED THROUGH TECHNOLOGICAL MEANS ALONE, and should never be implemented in a way that is either out of line with the organization’s approach to risk or which undermines or creates difficulties for its business operations. Thus there is a need to look at information security from a HOLISTIC PERSPECTIVE, and to have an information security management methodology to protect information systematically. This is where the need for ISMS comes in".

Benefits of the course and Takeaways:
    On successfully completing the course, Participants will have:
  • • An appreciation of the importance of controlling Information Security in all types of business.
  • • A detailed knowledge of ISO 27001:2013 Information Security Requirements.
  • • A knowledge of documented management systems to control Information Security
  • • A knowledge of risk assessment for Information Security.
  • • A knowledge of auditing principles
  • • A detailed understanding of the principal requirements for auditing Information Security Management systems.
This 5 day course uses a mixture of taught sessions, interactive group discussions, exercises, continuous assessment and examination to achieve its aims. The practical exercises are based upon a fictional company. However, the procedures, work instructions and data are typical and could relate to many different enterprises equally. The practical exercises have been carefully designed to focus upon issues that commonly arise during Information Security audits.
Appraisal of delegates’ knowledge and performance will be made through a combination of continuous assessment and a two hour written examination (multiple choice and short answers). Electronic devices, including laptops and mobile phones, are not permitted into the examination room. A certificate of competence will be issued to delegates deemed to have achieved a satisfactory standard.
    Who should attend?
  • • Completion of secondary education.
  • • An understanding of report writing is desirable.
  • • A prior knowledge and experience of information security management / ISO 27001 would be beneficial.

For more details or any course registration please contact:
trainings@defactoveritas.com