ISO 27001 Audit & Implementation
Defscope will provide training based on the PECB international certification program.
ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline for continually reviewing the safety of your information, which will exemplify reliability and add value to the services of your organization.
ISO/IEC 27001 helps you understand the practical approaches involved in implementing an Information Security Management System that preserves the confidentiality, integrity, and availability of information by applying a risk management process. Therefore, implementing an information security management system that complies with all requirements of ISO/IEC 27001 enables your organization to assess and treat the information security risks that it faces.
What do we teach?
Module 1: Introduction to ISO/IEC 27001 standard and Information Security Management System (ISMS)
· Getting acquainted with the objectives and structure of education
· Standards and regulatory frameworks
· Information Security Management System (ISMS)
· Basic principles and concepts of information security
· Preparation for the implementation of ISMS
· Defining the organization and its context
· ISMS Scope
Module 2: Planning the implementation of ISMS
· Leadership and project approval
· Structure of the organization
· Analysis of the existing system
· Information security policy
· Risk Management
· Statement of Applicability
Module 3: Application of ISMS
· Documentation Management
· Selection and preparation of controls
· Implementation of controls
· Communication and Outreach
· Management of security operations
Module 4: Preparation for ISMS monitoring, continuous development and certification audit
· Monitoring, measurement, analysis and evaluation
· Internal Audit
· Management Review
· Treatment of Nonconformities
Module 5: Certification exam support
Instructor
Background: Six years of experience in the IT industry, three of them as an ISO/IEC 27001 Lead Implementer leading the development and management of information security systems for large organizations. She is an active member of the INSECO organization and regularly takes part in IT events, sharing her knowledge and skills with society.
Day to Day:
Information Security Engineer at SOCAR.
Lecturer at UNEC.
Degree & Certifications: MSc degree from the University of Sheffield, UK. PECB certified ISO/IEC 27001 Lead Implementer, Certified Trainer.