	driving worldwide business excellence
			HOME ABOUT US About Omnex Middle East Contact Us Directions Employment Latest In Omnex Staff Client List CONSULTING Consulting Overview Request Consulting Quote TRAINING & WORKSHOPS Training Offerings Middle East Training Schedule Register For Training R&D Series Onsite Training SOFTWARE Product Realization (APQP) Audit Management Continual Improvement Document Management Performance Objectives & Training Measurement Systems Equipment Maintenance Integrated Management Systems(IMS) E-LEARNING RESOURCE CENTER Articles Case Studies KSA Model CAREERS CONTACT US

Training & Workshops

Training Overview

Training Offerings

Training Schedule

Training Registration

Internal Quality Audit ISO 27001:2005

Seminar/Course Content

This training program is offered as a 2 day course, Training covers the standard ISO/IEC 27001:2005 in detail with the domain and control objectives to perform the internal Quality audit in the organization

Who Should Attend/Target

System Administration team, Chief Information Security officer, Network Team, Quality Assurance Managers, Process Implementation Team Members, Internal Quality Audit team

Recommended Training and/or Experience

Participants should have an basic understanding of the Security terminologies

Seminar Materials

Each participant will receive a seminar manual including case studies

Seminar Goals

Provide in detail of the Information security management system and their control objectives to perform the internal Quality Audits

Seminar Outline

Day ITopics Covered

Session I

Introduction

Information Security A perspective
Business evolution
Various information threats
Myths about Information Security
Prime Concern protection of information
Parameters of Information security

Establishing ISMS

ISMS Definition
The ISO 27001 cycle and stakeholders (PDCA model)

Security Organization

Segregation of Duties
Key players of Security Function

Exercise

Form the Security organization and define the Roles and Responsibilities for the same

Session - IIIS Standard

Evolution of ISO 27001
Why ISO 27001
Structure of ISO 27001

Risk Management

Overview of Risk Management
Methodology for Risk Assessment
Risk Treatment
Risk Mitigation

IS-Audit

Audit Methodology
Audit reporting
Corrective and Preventive action

Exercise

Conduct Risk Assessment for your organization

Day II

Session ISecurity Domains

Security Policy
Organization of Information Security
Asset Management
Human resources security
Physical and environmental security
Communications and Operations Management
Access Control

Exercise

For the given scenario, identify the relevant controls and define the policy for that control

Session II

Security Domains Contd

Information systems acquisition, development and maintenance
Information security incident Management
Business continuity management
Compliance

Roadmap for ISO/IEC 270012005 Certification

Risk Management
IS policies
Statement of Applicability (Applicable controls)
Implementation of ISMS
Implementation Review of ISMS
Stage I audit
Stage II audit

Exercise

For the given scenario conduct the Information Security Audit

Course Sequence TTA TP21

Quick Contact

Sitemap | Privacy Policy | Terms of Use