BSI ISO 27001 IMPLEMENTATION

SUMMARY

The objective of this course is to give attendees the skills needed to implement an ISMS in accordance with the control guidance of ISO/IEC 27002 (formerly ISO/IEC 17799) and to meet the requirements of ISO/IEC 27001:2013 certification.

AGENDA 

DAY 01

• Rationale for an ISMS and important considerations

• What is implementation?

• What is the implementation process and process model?

• Senior management interview

• Project scoping and planning

• Cost estimation

• Steps in a project process

• Developing a typical timeline for an implementation plan

• Process-based approach

• Plan-Do-Check-Act and ISMS

• ISO/IEC 27001 structure, history, terms and definitions

• High-level structure

• Management representative criteria

• Day 01 Review

DAY 02

• Gap analysis - stage 1

• What are the gaps?

• Clause 4: Organisational context

• Stakeholders and information assets

• Gap analysis - stage 2 asset register and asset classification

• Clause 5: Leadership and top management

• Information security policy

• Clause 6: Planning

• Risk assessment

• Risks - threats and vulnerabilities

• Risk assessment tool - FMEA

• Risk assessment and estimating risk likelihood

• Day 02 review

GENERAL INFORMATION

Advanced-level course

Mode: On-site training

Duration: 2 days

Upon successful completion of this course, you will receive an internationally recognised BSI certificate.
