Main Topics
- What is the information security management system? Why is it necessary?
- “Plan – Apply – Check, Take Action” cycle in ISO 27001
- Information system risk analysis and treatment
- ISO 27001 basic control areas
– Security policy
– Information security organization
– Asset management
– Human resources security
– Physical and environmental security
– Communication and operating management
– Access control
– Information system acquisition, development and maintenance
– Information security incident management
– Business continuity management
– Harmony - Compliance audit to ISO 27001
– Audit planning
– Audit checklists
– Nonconformities and reporting-
- Various applications
-
Prerequisites
There is no specific prerequisite. Familiarity with quality systems is an advantage.
Duration: 3 days