For more information on accessibility, access procedures and deadlines, see our Training page.
ISO 27001 – Information Security Management System – #271
1,450.00 € HT
Context
- The ISO 27001 standard for information security management responds to a growing need to protect sensitive data from digital threats, regulatory requirements and the expectations of customers and partners.
- You want to implement an Information Security Management System (ISMS) that complies with ISO 27001, with a structured and sustainable approach to identifying risks, defining appropriate measures and ensuring continuous improvement. Such a system is not limited to technology: it integrates all of the organisation’s processes, reinforces responsibilities and a culture of security, thereby ensuring effective and sustainable protection of information assets.
Objectives
- Understand the requirements of the standard in order to assess your company’s level of compliance.
- Master the concepts and practices for implementing an effective Information Security Management System.
- Implement operating methods that are relevant and adapted to your context, and comply with the requirements of ISO 27001.
Recommanded for
- Managers, cybersecurity officers, quality or QSE managers, CISO, internal auditors, anyone involved in implementing or coordinating an ISMS compliant with ISO 27001:2022.
Specific operating conditions for remote sessions
- Have a PC equipped with a microphone, a webcam and, if possible, a headset for greater comfort. Note: wallpapers are available on Zoom or Teams to hide the background.
- Have a good Internet connection, which should be tested before the session.
- Settle down in a quiet, isolated place; set yourself to “unavailable” status on Teams; close your email access, and mute your phone, so as not to be disturbed during the session.
- Participants from the same organisation should not be grouped together in the same room, but each at their own desk.
- This Quiz must be taken with the webcam and microphone open. We may need to check that you are alone in the room.
- Please sign in 5 minutes before the start of the session.
Prerequisites
- Have the ISO 27001 version 2022 standard at your disposal.
Pedagogy
- Theoretical presentations, interactive discussions, case studies and practical exercises.
- Each requirement in the standard is explained, specifying its objectives (‘Why is this requirement necessary?’) and its content (‘What exactly are the requirements?’), and is illustrated with examples from our experience.
- In inter-company training: the exercises provide a step-by-step understanding of how the requirements are applied in the context of a fictitious company.
Evaluation mode
- Knowledge test (multiple-choice questions).
Course materials
-
Participant’s file containing the presentations delivered during the training and the exercise materials.
To go further
Training:
Consulting Services: EURO-SYMBIOSE can assist you with the practical implementation of this system in your company. Contact us for more information.
Day 1: Fundamentals and implementation of ISMS
- Introduction to information security standards and principles
- Chapter 4: Organisational context
- Chapter 5: Leadership, policy and security objectives
- Chapter 7: Supports and measures and Annex A.6 Security measures applicable to persons
- Chapters 9 and 10: Performance evaluation and continuous improvement
- Implementation of the Declaration of Applicability (DoA) and link to Annex A
- Vocabulary and theory of security risks
Day 2: Applicable Security Measures
- Appendix A: A.5 Organisational Security
- Appendix A: A.6 Human Resources Security
- Appendix A: A.7 Physical Security
- Appendix A: A.8 Technological Security
- Chapters 6 and 8: Identification of IS security risks and implementation of security in activities
- Risk analysis
- Risk treatment
Votre référent :
Aline FÜRSTENBERGER
Partner Consultant and Trainer – Cybersecurity Expert