This course enables participants to learn the best practices for implementing and managing an information security management system as specified in ISO/IEC 27001:2005 and the best practices for implementing information security measures from the 11 domains of ISO/IEC 27002:2005. This course also enables the understanding of the relationship of ISO 27001 and ISO 27002 with ISO 27003 (Guidelines for the implementation of information security management systems), ISO 27004 (Measurement) and ISO 27005 (Information security risk management).

If you would like to take this course by distance learning, click on the “Distance training” button to discover the program.

Overview

  • Understand the implementation of an Information Security Management System (ISMS) in accordance with ISO 27001
  • Understand the relationship between an ISMS and compliance with the requirements of the different stakeholders of an organization (compliance, regulations, internal policies…)
  • Know the concepts, approaches, standards, methods and techniques to effectively manage an Information Security Management System
  • Acquire the necessary knowledge to contribute to the implementation of an Information Security Management System as specified in ISO 27001

Course Curriculum

Day 1

Introduction to the Information Security Management System (ISMS) concept as defined by ISO 27001

  • Introduction to the ISO 27000 family of standards
  • Introduction to management systems and the process approach
  • Fundamental principles of information security
  • General requirements: presentation of clauses 4 to 8 of ISO 27001
  • Implementation phases of the ISO 27001 framework
  • Continuous improvement of Information Security
  • Conducting an ISO 27001 certification audit

Day 2

Implementing ISO 27002 compliant information security measures and certification review

  • Definition of the scope of the ISMS (field of application)
  • Development of the ISMS policy and objectives
  • Selection of the risk assessment approach and method
  • Risk management: identification, analysis and treatment of risk (according to ISO 27005)
  • Drafting of the Statement of Applicability

Learning Assessment

The “PECB Certified ISO/IEC 27001 Foundation” exam is held on the 2nd day of training and lasts 1 hour. The exam covers the following competency areas:

  • Area 1: Fundamental Principles and Concepts of Information Security Management System
  • Area 2: Information Security Management System

The +

This training is based on the alternation of theoretical and practical time:

  • Lectures illustrated with examples from real cases
  • Classroom exercises to help prepare for the exam
  • Practical tests similar to the certification exam

To ensure the practical exercises run smoothly, the number of participants in the training is limited.

Who should attend?

  • Members of an information security team
  • Information security professionals who want to gain a comprehensive understanding of the main processes of an information security management system (ISMS)
  • Any person involved in the implementation of the ISO 27001 standard
  • Technicians involved in ISMS operations
  • Auditors
  • Managers and executives in charge of IT governance and risk management

Prerequisites

  • Basic knowledge of information security

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 5 working days before the start of the training.

Accessibility

Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need accommodations or adaptations to the content, the materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.

To go further

This training enables you to prepare for the following courses:

Duration

2 days (14h)

Price

€1700 excl. tax

Meal

Breakfast & lunch included

For French residents

+ OPCO support

Overview

  • Understand the issues of security management and its implementation
  • Acquire the terminology and basic knowledge necessary to meet the requirements of ISO 27001 in the context of a company
  • Discover the best practices of Information Security management and its articulation with risk management

Course Curriculum

Session 1

Fundamentals and knowledge of the organization

  • The ISO model
  • The Deming wheel (PDCA)
  • Internal issues
  • External issues
  • Field of application

Session 2

Leadership and planning

  • Leadership
  • Planning
  • PDCA on security measures

Session 3

ISS Risk Management

  • Definition of risk
  • Processes to be implemented

Session 4

Support and operation

  • Resources, Skills and Communication
  • Appendix A

Session 5

Evaluation and maintenance of the ISMS

  • Audit and control process
  • Continuous Improvement

Planning principle

  • 10 hours of classes with the trainer divided into 5 sessions of 1h30 to 2h
  • 4 hours of independent personal work

Days: Monday, Tuesday, Wednesday, Thursday, Friday

  • Week 1: Introduction, Session 1
  • Week 2: Session 2, Session 3, Session 4, Session 5, Exam

Learning Assessment

  • 1-hour closed-book online certification exam
  • Composed of a total of 50 multiple-choice questions

The +

  • Training provided by a cybersecurity expert
  • An intuitive and easy-to-use platform
  • Discussion time on key concepts and experience sharing adapted to the learners’ context
  • A training pedagogy adapted to all learning profiles

Who should attend?

  • Any person involved in information security management
  • Individuals wishing to acquire knowledge of the main processes of the Information Security Management System
  • People who wish to pursue a career in information security management

Prerequisites

  • Basic knowledge of information security

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 5 working days before the start of the training.

Accessibility

Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need accommodations or adaptations to the content, the materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.

To go further

This training enables you to prepare for the following courses:

Duration

14 hours

Price

€1300 excl. tax

Package

Full pack 35h – Foundation & Lead Implementer: € 2000 excl. tax
or
Full pack 35h – Foundation & Lead Auditor: € 2000 excl. tax

For French residents

+ OPCO support
