ISO/IEC 27001 – Information Security Officer
Contemporary organisations have a number of information security controls to manage the security of assets such as financial information, intellectual property and technology. However, without a specific information security management system (ISMS), this control system could be disjointed and disorganised.
ISO/IEC 27001 is an international standard for information security management which provides a model to establish, implement, maintain and continually improve a risk-managed ISMS. ISO/IEC 27001 specifies a management system that is coordinated with other international standards, enabling information security to be readily incorporated into a single management system.
An organisation that conforms to the ISO/IEC 27001 standard demonstrates clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information. ISO/IEC 27001 therefore provides reassurance to sponsors, shareholders and customers that the organisation has expert control over its risk management and data security.
This course is designed to help you deploy the best security standard for your organisation and empower you with a professional level of knowledge of ISO/IEC 27001. The ISO/IEC Information Security Officer is a critical role in your business that is best placed to identify and apply the necessary controls to mitigate the myriad of today’s security risks.
This course is accredited by APMG, providing an independent, globally recognized certification in ISO/IEC 27001.
ISO/IEC 27001 Practitioner – Information Security Officer is a 2-day course. Course materials, copies of the relevant standards and sample exams are supplied. LATSA Learning Services Instructors are experienced ISO/IEC 27001 practitioners, consultants, and system implementers.
- Objective Testing
- 4 questions with 20 marks available per question
- 40 marks or more required to pass (out of 80 available) – 50%
- 2 ½ hour duration, open book
What are the learning outcomes?
- Applying the principles of ISMS policy and its information security scope, objectives, and processes within an organisational context.
- Applying the principles of risk management, including risk identification, analysis and evaluation, and proposing appropriate treatments and controls to reduce information security risk, support business objectives and improve information security.
- How to analyse and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement.
- How to analyse and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS.
- How to create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001.
- How to identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001.
- Internal managers and personnel working to implement, maintain and operate an ISMS within an organisation.
- External consultants supporting an organisation’s implementation, maintenance and operation of an ISMS.
- Internal auditors who are required to have an applied knowledge of the standard.
- APMG ISO/IEC 27001 Foundation certificate
Class Sizing and Delivery Mode
- Minimum/maximum participants per class: 4 to 14
- On your site or off-site instructor-led training
- Individuals – $1,777 ex GST per person
- For groups with 6 or more participants please contact LATSA as a discount may be available