About the course

The ISMS Foundation course provides participants with the opportunity of acquiring the basic knowledge related to the management of an Information Security Management System based on ISO 27001: risk management (based on ISO 27005), risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to ISO 27001 audit certification.

In addition, the participant will acquire basic knowledge of the best practices in the implementation of information security control measures based on the eleven (11) ISO 27002 domains: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management and compliance.

Learning objectives:

• Understanding the application of the information security management system in the ISO 2701 context.
• Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
• Introduction to the 11 domains and 133 control measures of ISO27002.
• Acquiring basic knowledge of the best practices for implementing information security control measures.