The objective of this course is to provide attendees with the necessary skills to understand how to manage security risk in your corporate environment by using a solid framework and sound methodology based on ISO 27001 principles. Learn how to integrate people, processes and technology to provide a practical education on best practices for Information Security Management, IT Governance and other best practice models. Find out how to blend management, operations, and technology into the 27001 framework to align information security with the overall business objectives.

Gain knowledge of the methodology around 27001 compliance to address how you can manage regulatory compliance and best practices around security risk that face organizations daily. The methodology covers the keys to Building a Security Infrastructure, Proactive Planning (People, Process & Technology), insight in the certification process and continuous maintenance to monitor your plans. Address how management can use the tools to provide an overall approach to managing security risks in order to meet the business objectives. Get insight into the certification process for implementing a security program to ensure management is providing the proper due care and due diligence. Discover the framework of ISO 27001 & 27002, and how it works with CoBit, ITIL, PMBOK, Privacy, Security Techniques, and regulatory compliance. The course includes presentation of information plus practical exercises and workshop activities that enable participants to “learn by doing.” This will provide a valuable resource for participants when they return to the workplace.

Who should attend?

• Top Management representatives
• Security Professionals
• Risk Managers
• Staff responsible for compliance with laws and regulations
• Auditors (External & Internal)
• Information Security Officers
• IT Managers/Directors
• Privacy/Compliance Officers
• Legal counsel
• HR Managers & Staff

 

Benefits to Your Business

• Learn how to adopt Risk Management practices into your organization
• Take the knowledge and skills imparted during the training to increase and improve confidentiality, integrity and availability of information systems
• Improve customer and investor confidence
• Show due diligence and due care