Organizations are becoming increasingly aware of the value of their business-critical information and the need to protect their information-related assets. An information security management system (ISMS) is based on risk management approach to maintain the confidentiality, integrity and availability of the organization's information.
ISO/IEC 27001:2013 Information Security Management System (ISMS) specifies requirements for the establishment, implementation, monitoring, review, maintenance and improvement of a management system for managing an organization's information security risks.
This one-day course is designed to promote awareness of the objectives and benefits of information security, the requirements specified in ISO/IEC 27001:2013 ISMS, and the controls provided in ISO/IEC 27002:2013 Code of Practice for Information Security Controls, and provides and insight into the emerging ISO 27000 series of standards.
ISO/IEC 27001 is suitable for any types of organizations, whether large or small organizations which value the protection of their information. It is also suitable for organizations which manage information on behalf of others, such as IT outsourcing companies.
Senior Managers/Managers, ISMS Implementers, ISMS Consultants, Information Security Practitioners, and anyone who needs to acquire general knowledge in ISMS