ISO 27001 Introduction Training

If there is any discussion about ISO 27001 in your organisation, or you think you may have contact with information security and certification in the future, it’s a good idea to take this course. In only 2 days, you’ll have a full overview of ISO 27001.

There are many situations in which this course can be useful:

  • your organisation is working on or has completed measures to support GDPR
  • ISO 27001 is being considered
  • an ISO 27001 programme might be implemented and you might be asked to help or give input.

The successful completion of this course will give you knowledge about ISMS (ISO/IEC 27001, Information Security Management Systems) requirements.

ICT Institute is known for its pragmatic approach and for helping organisations quickly address both the matters that work well and the matters that can be improved. Several ways of working and standard procedures will be shown. We also supply ‘Best Practice’ sample documents, so you’ll be a fast starter in any ISO 27001 project.

There is preparation homework (mostly reading), which you will receive one week before the course. The course is taught regularly at our training location in Utrecht, the Netherlands. The training is taught in Dutch, with English written materials (teaching in English is available on request).

Who should attend?

This course is intended for those who will be involved in implementing an ISMS that conforms to the latest ISO/IEC 27001 in any organization. Suggested job functions and their teams include:

  • Information security managers
  • IT and corporate security managers
  • Corporate governance managers
  • Risk and compliance managers
  • Information security consultants

Learning objectives

  • Understand the ISMS requirements
  • Understand the information security risk management process, control objectives and controls

Course benefits

  • Your organization will have an internal resource and process to plan and establish an ISMS
  • Improve your knowledge of ISMS
  • Support the organisation in protecting sensitive data, i.e. personal data and trade secrets, and in complying with legal, legislative and governance requirements
  • Understand the gaps between existing ISMS and international standards

Course outline

Day 1, Information security management systems knowledge (ISO 27001)

  • Terms and definitions
  • Management system structure (MSS) and process approach (PDCA)
  • Understanding of organization, interested parties and their requirements
  • Management system scoping
  • Top management leadership, management system policy and objectives
  • Support the management system

Day 2, Information security risk management

  • Information asset management (asset register, asset owner)
  • Information security risk management requirements and process
  • Risk assessment (identify the risk, risk owner, risk analysis and risk evaluation)
  • Risk treatment (treatment options, Statement of Applicability (SoA), risk treatment plan)
  • Management system operation
  • Documented management system (requirements from the standard and from the organization)
  • Summary and conclusions

What’s included?

  • Course material
  • Course certificate

How to book?

You can contact us for information or registration via the form below. If you prefer to contact us by phone, we would be happy to receive your call. Our contact details can be found at the bottom of this page.