Lead implementer ISO 27001

Why should you attend the PECB ISO 27001 Lead implementer training?

We are constantly confronted with news about hacked companies, large and small. One of the best approaches to improve the information security of your company is to implement an Information Security Management System or ISMS. An ISMS according to the ISO 27001 standard combines 2 elements that are critical in increasing your security performance:

• It sets up a management cycle also called a Plan-Do-Check-Act cycle by installing a number of processes at management level.
  These processes covers themes like clear organizational roles and responsibilities, defining a clear scope of the ISMS, defining measurable objectives, and performing regular internal audits and management reviews.
• In combination with those processes a risk analysis will be performed that will determine which controls are necessary to reduce information
  security risks in your organization. There are 4 categories of controls. Once these controls are defined, a comparison should be made with the 93 controls from annex A of the ISO 27001 standard.
• The training combines the explanation of the standard with the implementation of a project in order to install the processes and controls mentioned above. Typically a project implementation starts with defining a project scope, a project organization, a business case and an implementation plan. All these subjects are covered in this training which makes it quite intensive.

The training prepares very well for the exam and most students having followed the training (in combination with some prior knowledge and some home study) will pass the exam successfully immediately after the course.

Who can Attend?

• Managers or consultants involved in and/or concerned with the implementation of an information security management system in an organization.
• Project managers, consultants, or expert advisers seeking to master the implementation of an information security management system; or individuals responsible for maintaining conformity with the ISMS requirements within an organization.
• Members of the ISMS team of an organization

Learning objectives

By the end of this training course, the participants will be able to:

• Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
• Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an implementer
• Initiate and plan the implementation of an ISMS based on ISO/IEC 27001, by utilizing PECB’s methodology and other best practices
• Support an organization in operating, maintaining, and continually improving an ISMS based on ISO/IEC 27001
• Prepare an organization to undergo a third-party certification audit

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes is similar to that of the certification exam.