Credibility is the key advantage of being certified by a respected, independent and competent third party. The assurance it provides gives confidence to management, business partners, customers and auditors that the organization is serious about information security management.
The ISO/IEC 27000 standard consists of two parts:
ISO/IEC 27000 Part 1 is a Standard Code of Practice that provides an organization with default guidelines on the types of security controls an organization should implement to safeguard their assets. The scope of this standard covers all communication systems such as voice, internet, phones, faxes, etc.
ISO/IEC 27000 Part 2 is Management Standard Specification which outlines the necessary steps required in establishing a management framework. It encompasses people, IT systems and the processes within the organization.
About this workshop
The workshop is aimed at providing an in-depth understanding of how to conduct audit of the ISO/IEC 27001 standard. Participants understand
The workshop includes exercises, case studies and role plays to help participants gain a better understanding on how to conduct an ISMS audit.
Benefits
On completion of this workshop, participants will get a better understanding of
Who should attend
This workshop is meant for professionals responsible for Information Security Management Systems (ISMS) in key functions such as
Anyone aspiring to implement / audit ISO/IEC 27001 standard would benefit from this workshop. Prior knowledge on information security management and the ISO 27001 series of standards is desirable.
Workshop Outline