ISO 27001:2013 Basic Training

This basic training course gives a thorough introduction to information security management, together with the requirements for ISMS implementation.

Who should attend

This course is designed for people assigned to the practical implementation of an ISMS.


To give an understanding of:

  • What an information security management system (ISMS) is and how it can help business
  • Why companies are going for registration to ISO 27001:2013
  • The basic registration process
  • Where to get help and information
  • Where to start to implement a system
  • The ISO 27001 standard and its documentation requirements
  • Risk assessment
  • To identify the requirements for an ISMS
  • To explain the tools used to meet the requirements
  • To assist people in attaining the skills to be able to implement an effective ISMS
  • A statement of applicability and a risk treatment plan
  • The audit process utilising a risk treatment plan

Course content

This course gives an overview of an ISMS and the requirements for implementation, covering the following:

  • Overview of what is meant by ISMS and the basic constituents of an ISMS
  • Explanation of how an ISMS can help
  • Overview of the requirements of ISO 27001:2013 and the potential benefits
  • Implementation of an ISMS, including setting and reviewing the ISMS policy and the procedures required by the standard
  • Identifying and evaluating assets
  • Vulnerabilities associated with these assets, risk assessment
  • Annex A, control objectives, risk treatment plan & statement of applicability


What should have been learnt

  • How to start implementing an ISMS practically
  • Some of the tools and documentation used to achieve results within an ISMS
  • The benefits of an information security management system to the business.
