Foundations of Information Security

Description

Understand the requirements of ISO 27001:2013 as they apply to an information security management system. This is a two-day, instructor-led classroom course with a written test on Day 2 covering ISO 27001:2013 (IS).

Course Objectives

• Interpret and apply the ISO 27001:2013 requirements
• Recognize relationship between ISO 27000, ISO 27001, and ISO 27002
• Define information security management (ISMS) terminology
• Demonstrate how ISMS planning, policy, objectives, and processes are implemented
• Explain the difference between legal compliance and conformity
• Define the relationship between an organization’s operational informational security requirements and the ISO 27001:2013 standard
• Assess effectiveness of an organization’s information security risk assessment methodologies
• Evaluate risk assessment and risk treatment results to ensure they are appropriately identified within the organization’s statement of applicability