ISO 27001:2013 Information Security Management System – ISMS

Awareness course for Information Security Management System – ISO 27001 – Ensure your control over information security

In this course, we look at the ISO 27001:2013 standard, regarding Information Security Management System. It is a beginner course, which provides an introduction to the standard, with explanations of all the various clauses and appropriate control measures to stay compliant, together with examples on how the standard may apply to a business. It is a good basic course to start with and build your understanding of the ISO 27001:2013 standard!

What you’ll learn

  • Introduction and general concepts of ISO 27001:2013.
  • Clause-by-clause guidance of ISO 27001:2013.
  • What applicable requirements are needed for information security?.
  • What documents to prepare in order to meet ISO 27001:2013?.
  • How to implement your Information Security Management System (ISMS)?.
  • How to verify your implementation to make sure you’re on the right track?.

Course Content

  • Introduction to ISO 27001:2013 –> 1 lecture • 9min.
  • Clause-by-clause guidance for ISO 27001:2013 –> 21 lectures • 1hr 31min.
  • Preparation of documentations required for ISO 27001 compliance –> 1 lecture • 2min.
  • Implementation of documentations to meet ISO 27001 requirements –> 1 lecture • 4min.
  • Verifications of your implementation (Basics of Internal Auditing) –> 2 lectures • 4min.

ISO 27001:2013 Information Security Management System - ISMS

Requirements

  • No specific prior knowledge is required.
  • A general understanding of your physical and/or virtual information asset is useful.
  • Owning a copy of ISO 27001:2013 standard is recommended, but not required.

In this course, we look at the ISO 27001:2013 standard, regarding Information Security Management System. It is a beginner course, which provides an introduction to the standard, with explanations of all the various clauses and appropriate control measures to stay compliant, together with examples on how the standard may apply to a business. It is a good basic course to start with and build your understanding of the ISO 27001:2013 standard!

This standard is a guideline for quality business practices, part of an organisation’s Quality Management System (QMS). Specifically, it focuses on information security – be it in the form of physical, or virtual information assets. As such, it is applicable to all businesses in this day and age, where activities are increasingly digitalised.

With a proper system in place, companies are able to embrace digital transformation confidently, thereby staying current and competitive internationally.

Still, to know how to properly set up and keep this system in place, one needs to have a proper understanding of the standard, with its clauses. If you are looking to achieve this, here is a course that can help you.

Course Outline:

Section 1 > Introduction, history and general concepts of ISO 27001:2013

Section 2 > Clause-by-clause guidance for ISO 27001:2013

  • Section 2-1 > Clause 1 to 3 + Clause 4: Context of the organisation
  • Section 2-2 > Clause 5: Leadership
  • Section 2-3 > Clause 6: Planning for the Food Safety Management System
  • Section 2-4 > Clause 7: Support
  • Section 2-5 > Clause 8: Operations
  • Section 2-6 > Clause 9: Performance Evaluation
  • Section 2-7 > Clause 10: Improvement

Section 2a > Clause-by-clause guidance for ISO 27001:2013 Annex A

  • Section 2-8 > Annex A.5 Information security policies
  • Section 2-9 > Annex A.6 Organisation of information security
  • Section 2-10 > Annex A.7 Human resource security
  • Section 2-11 > Annex A.8 Asset management
  • Section 2-12 > Annex A.9 Access control
  • Section 2-13 > Annex A.10 Cryptography
  • Section 2-14 > Annex A.11 Physical and environmental security
  • Section 2-15 > Annex A.12 Operations security
  • Section 2-16 > Annex A.13 Communications security
  • Section 2-17 > Annex A.14 System acquisition, development and maintenance
  • Section 2-18 > Annex A.15 Supplier relationships
  • Section 2-19 > Annex A.16 Information security incident management
  • Section 2-20 > Annex A.17 Information security aspects of business continuity management
  • Section 2-21 > Annex A.18 Compliance

Sections 3 > Preparation of Documentation

Section 4 > Implementation

Section 5 > Verification of your implementation