
ISO/IEC 27002 Lead Manager Course

  • Course level: Intermediate

Description

Mastering the Implementation and Management of Information Security Controls based on ISO/IEC 27002

This five-day intensive course enables participants to develop the necessary expertise and knowledge to support an organization in implementing and managing Information Security controls as specified in ISO/IEC 27002. Participants will also gain a thorough understanding of best practices used to appropriately govern Information Security controls across all the principles of ISO/IEC 27002.

Course agenda

  • Day 1: Introduction to Information Security controls and ISO/IEC 27002
  • Day 2: Human resources, Asset Management and Access Control
  • Day 3: Operations and communications security as required by ISO/IEC 27001
  • Day 4: Continuous improvement and preparation for certification
  • Day 5: Certification Exam

Educational approach

This training is based on both theory and practice:

  • Lecture sessions illustrated with examples based on real cases
  • Practical exercises
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam

What Will I Learn?

  • To understand the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
  • To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of Information Security controls
  • To understand the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
  • Preparing an acquisition and procurement process
  • Calculation of benefits using financially oriented and non-financially-oriented cost-benefit techniques
  • Drafting and implementing cost optimization strategies

Topics for this course

35h

Course Agenda

  • Day 1: Introduction to Information Security controls and ISO/IEC 27002
      • Course objective and structure
      • Standard and regulatory framework
      • Fundamental Principles of Information Security
      • Information Security Management System
      • Information security policies
      • Organization of information security
  • Day 2: Human resources, Asset Management and Access Control
      • Human resources security
      • Asset Management
      • Access Control
  • Day 3: Operations and communications security as required by ISO/IEC 27001
      • Cryptography
      • Physical and Environmental Security
      • Operations Security
      • Communications security
  • Day 4: Continuous improvement and preparation for certification
      • System acquisition, development and maintenance
      • Supplier Relationships
      • Information security Incident Management
      • Information security aspects of business continuity management
      • Compliance
      • Golden Rules and Conclusion
      • Lead Manager Certification Scheme
      • Closing the Training
  • Day 5: Certification Exam

Prerequisites: Knowledge in Information Security is preferred.

$2,950.00

Material Includes

  • Exam and certification fees are included in the training price
  • A student manual containing over 500 pages of information and practical examples
  • A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
  • Participants who fail the exam are allowed to retake it for free under certain conditions

Requirements

  • Knowledge in Information Security is preferred.

Target Audience

  • Managers or consultants wanting to implement an Information Security Management System (ISMS)
  • Project managers or consultants wanting to master the Information Security Management System implementation process
  • Persons responsible for information security or conformity in an organization
  • Members of information security teams
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information Security Audit function