ISO 27002 Implementing and managing Information Security controls- Foundation

Course Overview

This course allows participants to find out concerning the most effective practices for implementing and managing data Security controls as laid out in ISO/IEC 27002. This coaching conjointly helps to grasp however ISO/IEC 27002 and ISO/IEC 27001 relate with ISO/IEC 27003 (Guidelines for the implementation of an ISMS), ISO/IEC 27004 (Measurement of data security) and ISO/IEC 27005 (Risk Management in data Security).

Who should attend?

• Members of AN data security team
• IT Professionals desirous to gain a comprehensive information of the most processes of data Security controls
• Staff concerned within the implementation of the ISO/IEC 27002 customary
• Technicians concerned in operations associated with AN ISMS
• Auditors
• CxO and Senior Managers to blame for the IT governance of an enterprise and therefore the management of its risks

Learning objectives

• To perceive the implementation of data Security controls in accordance with ISO/IEC 27002
• To perceive the link between AN data Security Management System, as well as risk management, controls and compliance with the wants of various stakeholders of the organization
• To understand the ideas, approaches, standards, strategies and techniques permitting to effectively implement data Security controls
• To acquire the mandatory information to contribute in implementing data Security controls as laid out in ISO/IEC 27002

Course Agenda

Day 1: Introduction to data Security Management System (ISMS) ideas and ISO/IEC 27002

• Introduction to the ISO/IEC 27000 family of standards
• Introduction to management systems and therefore the method approach
• Fundamental principles of data security
• General requirements: presentation of the clauses four to eighteen of ISO/IEC 27002
• Implementation phases of the ISO/IEC 27002 framework
• Continual improvement of data Security
• Conducting AN ISO/IEC 27002 certification audit

Day 2: Implementing controls in data security per ISO/IEC 27002 and Certification communication

• Principles and style of data security controls
• Documentation of AN data security management setting
• Monitoring and reviewing the data security controls
• Examples of implementation of data security controls supported ISO/IEC 27002 best practices
• Certification communication
• Certification Exam

Prerequisites

None

Educational approach

This coaching relies on each theory and practice:

• Sessions of lectures illustrated with examples supported real cases
• Review exercises to help the communication preparation
• Practice check almost like the certification communication

Examination and Certification

• The “PECBCertified ISO/IEC 27002 Foundation” communication totally meets the wants of the PECBExamination and Certification Program (ECP). The communication covers the subsequent competency domains: • Domain 1: basic principles and ideas of data security • Domain 2: data Security management best practices supported ISO/IEC 27002
• The “PECB Certified ISO/IEC 27002 Foundation” communication is accessible in numerous languages (the complete list of languages will be found within the examination application form)
• Duration: one hour
• For additional data concerning the communication, sit down with PECB section on ISO/IEC 27002 Foundation communication
• A certificate of “PECB Certified ISO/IEC 27002 Foundation” are going to be issued to participants World Health Organization with success passed the communication and suits all the opposite needs associated with this papers
• For additional data concerning PECB Certified ISO/IEC 27002 certifications and therefore the PECB certification method, sit down with PECB section on ISO/IEC 27002 Foundation

 General Information

• Certification fees area unit enclosed within the communication worth
• A student manual containing over two hundred pages of data and sensible examples are going to be distributed to participants
• A participation certificate of fourteen CPD (Continuing skilled Development) credits are going to be issued to participant
• In case of failure of the communication, participants area unit allowed to retake the communication at no cost beneath bound conditions