Effective management of information security, and continually improve the security level – ISO 27001 : Qualification Training
Aryaduta Hotel Semanggi / Santika Hotel Jakarta | 14 – 15 March 2011 | 08.30 – 16.30 | Rp 5.150.000,-
This qualification training covers the knowledge required to gain an understanding of the content and requirements of the international standard, ISO 27001: ISMS preparation. It covers the certification requirements of ISO 27001 and how the guidance in ISO 27001 based on BS 7799 and BS 17799 can be adopted by an organization to deliver effective management of information security, and continually improve the security level. The qualification is aimed at staff in internal and external service provider organizations who require knowledge and understanding of the ISO 27001 standard and its content.
The training provides:
- Information Security Management System (ISMS), process and other security management staff with an awareness of and familiarity with the ISO 27001 standard
- Individuals with the necessary knowledge to assess the relevance and importance of the ISO 27001 standard to the security management activities within their own organization
- Managers and team leaders with knowledge of a typical ISO 27001 IT security management system
- Internal auditors, process owners, process reviewers and assessors with a good knowledge of the ISO 27001, BS 1779, BS 7799 standard, its contents and justification of the need for internal reviews, assessments and audits
- Evidence that delegates have achieved a foundation level of knowledge of the ISO 27001 standard.
OBJECTIVES
At the completion of this course, the participants should be able to:
- Have an overview and peripheral understanding of the aims and use of the ISO 27001 Specification and Code of Practice through an understanding of the roles of the component parts of the standard
- Explain appropriately their understanding of the integrated approach to maintaining IT security management systems and processes that conform with ISO/IEC 27001 certification
- Understand the conditional scoping and eligibility requirements and the options to achieve certification
- Understand the common dialectics of the Information Security Management System (ISMS) and the Plan, Do, Check, Act cycle
- Follow a detailed explanation of the ISO 27001 ISMS components and the PDCA cycle, including comprehensive coverage of the managerial and technical aspects of ISO 27001. The training will discuss how company management is involved in the Information Security Management System, various methods of risk assessment, and the implementation process flow to prepare for ISO 27001 certification
- Understand the objectives and requirements of each section of the ISO 27001 Specification
- Understand the need to plan, schedule, implement and review an ISO 27001 standard implementation
- Understand how reviews and internal audits of IT security management systems and the ISMS against the requirements of the standard are used.
WHO SHOULD ATTEND
Target Audience:
The course is aimed at all levels within the organization who want to attain an overview of the elements of the ISO 27001 standard and the certification process, and professionals such as the following:
- IT Manager/ Director
- Business Manager/ Director
- IT Security Audit
- Risk Management Function
- Engineer in charge of IT Security Function
TRAINING METHOD
This training uses an interactive method in which participants are introduced to the concepts, given examples of their application, practise using the concepts, and discuss the process and results of the exercises.
- 50% Theory
- 50% Practices
- Dynamic and interactive training presentation.
TRAINING SYLLABUS
Understanding ISO 27001 scope, purpose and use
Understand the principles of the ISO 27001 standard and be able to describe its scope, purpose and use. The principles of a service management system including the need for:
- Overall quality management system on a structured hierarchy of policy, process and procedures
- Taking an end to end security management approach
- Management responsibility and control
- Recognition of the contribution of staff on security management
Understanding ISO 27001 and the Information Security Management System (ISMS) Approach
Understand the principles and processes for security management and the requirements of the overall security management system.
Adopting the Plan, Do, Check, Act cycle to improve service
Understand the approach to planning and implementing IT service management to ensure the required processes are effectively implemented, services are continually improved and the requirements of the ISO/IEC 20000 standard are met.
Review, assessment and audit of ISMS
Understand the review, assessment and audit of ISMS activities, including the use of supporting systems, tools and techniques that will enable an organization to plan and conduct reviews, assessments and internal audits of IT security management systems.
Key Components Syllabus
- Background to Information Security
- PDCA Process Approach
- Information Security Management Systems
- Documentation Requirement
- Management Responsibility
- Internal ISMS Audit
- Management Review of ISMS
- ISMS Improvement
- Risk Assessment
- Detailed Discussion of the Managerial and Technical Aspects of the ISO 27001 Control Framework
- Certification Process Flow.
LEAD FACILITATOR
Date
14 – 15 March 2011, 08.30 – 16.30
Venue
Aryaduta Hotel Semanggi / Santika Hotel Jakarta
Investment:
- Rp 5.150.000,- / person
- Early Bird: Rp 4.850.000,- (paid 5 days before 14 March 2011)
- Group Price: Rp 13.500.000,- (3 participants from the same company)