Information Security Management Systems - ISO/IEC 27001 Requirements
ISO/IEC 27001:2013 is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls. It enables organizations to demonstrate excellence and prove best practice in Information Security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.
Although there is no mandatory requirement, ideally candidates should have at least two years professional experience working within IT Service or Security Management. The ISO/IEC 27001:2013 Foundation would suit candidates working in the following professions or areas:
The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.
This course will ensure delegates understand the value to the business of the ISO/IEC 27001:2013 standard. There is an in-depth review of the key concepts and activities needed to properly plan for the implementation, management and improvement of an Information Security Management System. The course also ensures a thorough understanding of associated activities, roles, responsibilities, challenges, risks and critical success factors:
ISO/IEC 27001:2013 is the formal specification and defines the requirements for an ISMS, which includes: