ISO 27002 - Certified Manager

MASTERING THE FUNDAMENTAL PRINCIPLES AND CONCEPTS OF INFORMATION SECURITY CONTROL BEST PRACTICES BASED ON ISO 27002

This three-day intensive course enables participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO 27002. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all areas of ISO 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO 27005 (Risk Management in Information Security).

Who should attend?

  • Managers or consultants wanting to implement an Information Security Management System (ISMS)
  • Project managers or consultants wanting to master the Information Security Management System implementation process
  • Individuals responsible for information security or conformity in an organization
  • Members of the information security team
  • Expert advisors in information technology and technical experts

Learning objectives

  • To understand the implementation of an ISMS
  • To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS
  • To acquire the necessary expertise to support an organization implementing, managing and maintaining an ISMS
  • To acquire the necessary expertise to manage a team implementing ISO 27002

Course Agenda

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27002

  • Understand and explain the operations of the ISO organization and the development of information security standards
  • Ability to identify, analyze and evaluate the information security compliance requirements for an organization
  • Ability to explain and illustrate the main concepts in information security and information security risk management
  • Ability to distinguish and explain the difference between the information asset, data and record

Day 2: Security controls identification, assessment, evaluation and analysis according to ISO 27002

  • Understand, interpret and illustrate the relationship between the concepts of asset, vulnerability, threat, impact and controls
  • Ability to identify, understand, classify and explain the clauses, security categories and controls of ISO 27002
  • Ability to detail and illustrate security control best practices with concrete examples
  • Ability to compare possible solutions to a real security issue of an organization and identify/analyse the strengths and weaknesses of each solution

Day 3: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27002

  • Ability to select and demonstrate the best security controls in order to address the information security control objectives stated by the organization
  • Ability to create and justify a detailed action plan to implement a security control by listing the related activities
  • Ability to analyze, evaluate and validate action plans for implementing a specific control
  • ANSI Accredited Exam

Educational approach

  • This training is based on both theory and practice:
    • Sessions of lectures illustrated with examples based on real cases
    • Practical exercises based on a full case study including role playing and oral presentations
    • Review exercises to assist the exam preparation
    • Practice test similar to the certification exam
  • To benefit from the practical exercises, the number of training participants is limited

Examination

  • The "Certified ISO 27002 Manager" exam fully meets the requirements of the PECB Examination Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: FUNDAMENTAL PRINCIPLES AND CONCEPTS IN INFORMATION SECURITY
    • Domain 2: INFORMATION SECURITY CONTROL BEST PRACTICES BASED ON ISO 27002
  • The “Certified ISO 27002 Manager” exam is available in different languages (the complete list of languages can be found in the examination application form)
  • Duration: 2 hours

  • After successfully completing the exam, participants can apply for the credentials of Certified Lead Privacy Implementer ISO 29100 Provisional
  • A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential

General Information

  • Exam and certification fees are included in the training price
  • Participant manual contains over 250 pages of information and practical examples
  • A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to participants
  • Participants who fail the exam are allowed to retake it for free under certain conditions.


Copyright © NISKAA Group 2015. All rights reserved