Information Security Management System (ISMS)
Description
- Type: Certificate
- Location: New Delhi
- Duration: 3 Days
The objective of this programme is to create awareness of information security and give an overview of ISMS ISO 27001. The course is useful for organizations that wish to understand the concepts and requirements of ISO 27001. It also benefits organizations interested in pursuing this certification: it helps them assess the current level of security awareness within the organization and gives the audience direction towards establishing, managing and maintaining an effective Information Security Management System.
Suitable for: This training programme is designed to impart the knowledge required to establish, manage and maintain an effective Information Security Management System based on the ISO 27001 Standard.
The programme will be conducted in an interactive environment providing greater scope for discussions and practice. Emphasis will be on a highly participative style of learning through lectures, group discussions and syndicate exercises.
Teachers and trainers (1)
MIEL Instructor
Course programme
Session – 1
Information Security for the Enterprise
- Confidentiality, Availability and Integrity during the three generations of enterprise
- Security concerns for e-Business initiative
- Information security: Global Standards
- BS7799 and ISO 27001
- ISO27001 Control Objectives Overview
- Defense in Depth
Session – 2
Control Objectives and Controls
Management Control
- Information Security Management System
- Management Responsibility
- Management Review of the ISMS
- ISMS improvement
BS ISO 27001 / IEC 17799:2000 Code of Practice for Information Security Management
ISO 27001: Control Objectives and Controls
11 Security Domains
- Security Policy
- Organizing Information Security
- Asset Management
- Human Resources Security
- Physical and Environmental Security
- Communications and Operations Management
- Access Control
- Information Systems Acquisition, Development and Maintenance
- Information Security Incident Management
- Business Continuity Management
- Compliance
39 Control Objectives
133 Controls
Session – 3
Case Study
Study typical organizations with information security concerns.
Group Exercises and Presentations
Exercise – 1: Identify critical assets and assign sensitivity ratings
- Information assets
- Paper documents
- Software assets
- Physical assets
- People
- Services
- Company image and reputation
Exercise – 2: Identify potential threats to information security
- Rate the probability
- Rate the consequences
- Rate the overall risks
- Suggest risk mitigation measures
- Map the risk mitigation measures to ISO 27001 controls
Exercise – 3: Formulate key information security policies