Education

After completing this training, you will have a thorough understanding of the design and operation of the ISO 27001 standard and you will be able to independently set up and run a program to implement and maintain an effective Information Security Management System (ISMS).

This training will be concluded with a 2-hour test/examination during the morning of the last training day.

Entry level / preferred experience

No prior knowledge is required for this training.

During the training we provide a loan copy of the ISO 27001.

Training course content

• Purpose and necessity of information security.
• Determining the scope for your information security management system.
• Identifying information assets.
• Determining the value and classification of your information assets.
• The C.I.A. classification
• Risk assessment: determining the risks with regard to information security and the impact of these risks on your organisation.
• Establishing, maintaining and implementing a risk management process including templates.
• Risk management: identifying your risk strategy, objectives and risk-reducing measures.
• Determining security measures which effectively reduce the defined risks.
• Setting up a project planning for the implementation of the ISO 27001 standard and the management system (ISMS).
• Preparation of a business case.
• Establishing policies and guidelines regarding working methods and procedures.
• Determine mandatory ISO27001 documents.
• Testing and verifying the ISO 27001 Annex A measurements.
• Monitoring and reporting on information security (e.g. security KPI’s)
• Preparing and executing a management review.
• Ensuring information security in contracts and SLAs with third parties.
• The ISO 27001 certification process (how does an auditor perceive your ISMS?).
• Project / program manager skills

Who should attend?

The training is suitable for those who are responsible for and/or involved in the implementation and/or management of the Information Security Management System (ISMS) within their organisation. Examples of these roles:

• Security Manager.
• Security Employees.
• Security Officers.
• CISOs.
• Risk Managers.
• IT Managers.
• IT Administrators.
• Information Security Consultants.
• Project managers
• Quality assurance staff.
• Assessors and Auditors.

Participants receive a certificate of participation at the end of the training.

Duration

5 days (from 09:00-16:30, last day until 12:00 depending on the progress of the training during the previous days)

Dates and venues

Language:

The training material: English
The training can be provided in Dutch or English.

Your trainer

Henny Raadschilders, CBCP, CISSP, CRisC, CISA, CISM, CCSP

Your investment

Your investment is only € 2799,- excluding VAT. This price includes lunch, refreshments and course material.

Please note! Other attractive rates apply for in-company training. Ask for the possibilities and conditions.

Terms and conditions

1. Our general terms and conditions apply to all our training courses.
2. The training will proceed as planned when the minimum number of 5 participants is met
3. If the minimum number of participants have not been met, the training will be postponed to another date.
4. The maximum number of participants is set to 10 to ensure optimal interaction during the training