ISO 27001 Security Officer INTENSIV - english

Over the course of three days, we will train you to become an Information Security Officer in accordance with ISO 27001. We take an in-depth and clear look at the planning, implementation and continuous improvement of an information security management system (ISMS) based on the international standard ISO/IEC 27001.

- Aspects of information security

- ISMS basics

- The family of ISMS standards (ISO/IEC 27001)

- Objectives and measures (controls from Appendix A)

- Related standards and frameworks

- BSI basic protection compendium with an overview of hazards

- system and process modules

- Components of an ISMS

- Steps for setting up an ISMS

- Application of PDCA to the ISMS

- Sources of requirements and stakeholders

- Security criteria

- Governance: security policy

- management responsibility

- coordination of information security

- responsibilities

- embedding in IT governance

- Risk management: inputs and steps

- context

- risk assessment

- risk treatment

- risk acceptance

- risk communication

- risk monitoring

- Compliance: Applicable laws

- protection of intellectual property

- confidentiality of personal data

- audits and audit security

- Monitoring

- measurement and evaluation of conformity

- effectiveness and efficiency of the ISMS

- Performance indicators

- Maturity assessment

- audits

- Corrective and preventive measures for improvement