Course Information
What You Will Learn
Course Curriculum
- Introduction.
- The ISO/IEC 27000 family of standards.
- Structure of the ISO/IEC 27001:2022 standard.
- Differences and improvements compared to the previous ISO/IEC 27001:2005 standard.
Preparing for the Information Security Management System (ISMS).
Role of Top Management. Policies. Integration with Business As Usual (BAU). Resources required for an ISMS.
Planning and Operationalizing the ISMS. Defining the Scope of Risk Management, Risk Assessment, Risk Identification, Risk Analysis, Risk Evaluation, Risk Treatment, Risk Criteria. Defining the Statement of Applicability. IMSM Review.
Controls from Annex A: Information Security Policies. Organization for Information Security. Human Resource Security. Asset Management. Access Control. Cryptography. Physical and Environmental Security. Operations Security. Communications Security. System Acquisition, Development, and Maintenance. Supplier Relationships. Information Security Incident Management. Information Security Aspects of Business Continuity Management. Compliance.
Qualification Exam Preparation Workshop (in English). Certification Exam (in English).
Get the Full Syllabus as a PDF
Curriculum, exam format & everything included — sent straight to your inbox.
All You Need to Know
The course is intended for those interested in implementing or maintaining an ISMS and wishing to have a basic understanding of the ISO/IEC 27001:2022 standard, as well as for those working in various roles within an organization that is already certified or is considering ISO/IEC 27001:2022 certification.
ISO/IEC 27001 Certification (both 2013 and 2022) Foundation APMG