Key Information
Target audience: IT employees and managers, IT security officers, data protection officers, IT auditors, IT consultants, project managers | Duration: 2 days | 9:00-16:30 | Trainer: mITSM GmbH | Online seminar | Number of participants: 3–12
Description
The international standard ISO/IEC 27001 specifies the requirements for the establishment, implementation, maintenance and continual improvement of a documented information security management system.
The Foundation course provides all the basic knowledge required for information security management in accordance with ISO/IEC 27001. It prepares you directly for certification to ISO/IEC 27001.
The seminar teaches the basics of Information Security Management Systems (ISMS) and the specific requirements of the ISO/IEC 27001 standard. This includes the requirements for establishing, implementing, maintaining and continually improving a documented information security management system. The trainer will cover risk management, implementing and monitoring information security measures, conducting internal audits and evaluating the ISMS.
At the end of the seminar there will be an online exam to obtain the certificate. The exam fee is included in the price (single price: €190).
After your order: By placing your order, you agree that we can pass on your address (email address, and postal address for sending printed training materials) and the seminar you have purchased to our training partner mITSM. We do not share any payment information. The email address is required for access to the seminar and to process the certificate exam.
Certification Exam
How do I get my certification?
The exam is online. You decide when and where you take the exam. The certification body for personnel certification according to ISO/IEC 27001 at mITSM is the ICO – International Certification Organization.
Details about the ICO’s online exam
After we have registered you for the online exam, you will receive an email with all important information (usually on the first day of training). Please read this carefully. In the email there is a link to your personal exam page where you will find your ordered exams. For each of your exams, there is a link to a sample exam. This way, you can familiarize yourself with the system before taking the real one. These links are valid for 365 days. The exam can be taken at any time of the day or night during this 30-day period. The ICO examination system SOE monitors the exam. In case you fail the exam, you may retake it for half the price. For more info, please follow this link to the ICO online exam FAQs and scroll down.
What is the format of the certification exam?
- Multiple choice exam
- Language: English or German
- Duration: 45 minutes
- Number of questions: 30
- There are two or three possible answers.
- One, two or all three answers can be correct.
- A question is answered correctly if all the correct answers are ticked and none of the incorrect answers are ticked.
- At least 60% of the questions must be answered correctly to pass.
Agenda
- Overview of the ISO/IEC 27000 series
- Basics of information security management systems
- ISO/IEC 27001 – Minimum requirements
- ISO/IEC 27001 – Objectives and measures
- Related standards and frameworks
- Certification options according to ISO/IEC 27001
- Risk management and risk assessment in information security
- Introduction to ISO/IEC 27002 as an important complement to ISO/IEC 27001
- Best practices for information security management systems
- Protection of personal data and privacy
- Physical and logical security of IT systems
- Legal and regulatory requirements for information security management systems
- Establishment, implementation, monitoring, and improvement of an ISMS according to ISO/IEC 27001
- Importance of information security for business and organization
- Methods for implementing ISO/IEC 27001 requirements in practice
Learning Objectives
- Familiarity with the concept of risk assessment and treatment
- Understanding of the relationships between the standards of the ISO/IEC 27000 series
- Learn methods for implementing an ISMS
- Improved ability to identify and address security risks
- Improved ability to manage and protect information securely
- Increased customer and stakeholder confidence in information security
- Improved internal communication and collaboration between IT and security personnel
- Improved compliance with legal and regulatory requirements
- Improved planning, implementation, and monitoring of security measures
- Improved business continuity and crisis management
Target Audience
The ISO 27001 Foundation course is aimed at professionals responsible for implementing and maintaining Information Security Management Systems (ISMS), as well as individuals working in IT and security management teams. This includes IT staff and managers, IT security officers, data protection officers, IT auditors, IT consultants and project managers.