
Seven Steps to Building an ISMS with ISO/IEC 17799:2005 and ISO/IEC 27001:2005
Seminar Content
This 3-day intensive course leads to a Certified Information Security Management System (ISMS) Lead Implementer for ISO/IEC 27001:2005 (CISMS-LI) Certification. It is designed to walk students through the business process of establishing, implementing and maintaining an Information Security Management System (ISMS) using the ISMS Implementation Framework based on the ISO/IEC 17799:2000 and ISO/IEC 27001:2005 standards.
Its core focus is to train participants on practical steps involved in building and implementing an ISMS. It equips and prepares students with the necessary skills to implement an ISMS that is compliant with the requirements of ISO/IEC 17799:2005 and meets the certification requirements of ISO/IEC 27001:2005.
Who Should Attend
Managers/Business heads with responsibility for implementing information security, management representatives, Information Security consultants, and all others seeking to implement an advanced information security management system.
Recommended Training and/or Experience
Participants are expected to have exposure to information security and the ISO/IEC 17799:2005 and ISO/IEC 27001:2005 standards, or they must have implemented other management system standards such as ISO 9000 or ISO 14000.
Seminar Materials
All students will receive a copy of the training materials.
Seminar Goals
- Understand the purpose of an information security management system (ISMS)
- Understand and ask the pertinent questions required for an ISO/IEC 17799:2005 or ISO/IEC 27001:2005 Gap Analysis
- Learn the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS as defined in ISO/IEC 17799:2005 and ISO/IEC 27001:2005
- Receive hands-on exposure to a variety of risk assessment tools and techniques
- Prepare an effective security improvement plan
- Gain the knowledge and skills for advising on compliance to the standard
Seminar Outline
A combination of tutorials, exercises and role playing will address the step-by-step ISMS Implementation Framework based on the ISO/IEC 17799:2005 and ISO/IEC 27001:2005 standards for successfully managing and maintaining information security in organizations.
The three-day workshop will cover:
- Basics of an Information Security Management System
- Security Policy: Designing security policy and procedures
- ISMS Scope: Defining the ISMS scope
- Risk Assessment: Techniques
- Risk Treatment: Control selection based on ISO/IEC 27001:2005.
- ISMS Documentation including preparation of the Statement of Applicability.
- ISMS Implementation: Deployment and operation of an ISMS
- Certification process, surveillance visits and re-certification
- The continual improvement program:
  - Monitoring, reviewing and checking the ISMS
  - Implementing corrective and preventive controls
Students must pass the written ISMS Lead Implementer examination for implementing the ISMS Implementation Framework.
Course Sequence: ISMS3DIMP

Standards ensure quality. Quality is obviously important in information technology, whether it be in hardware, software, or networks. Standardized interfaces, for instance, can allow diverse devices and applications to function together. Standards are also vital to computer security and information privacy. When standards exist, all benefit from advances in electronic and mobile commerce.
