Introduction

Live Online Training

The Information Security 27001 Lead Implementer course is a course based on the ISO/IEC 27001 international standard. Supported by a real-world adapted case-study, the course challenge the students on the implementation of an Information Security Management System (ISMS) based on the requirements and best practices defined by the ISO/IEC 27000 family of standards and supported by a BEHAVIOUR customized methodology created by experts on information security and on ISO and other related well known best practices on the information security and IT fields.More than knowing the main definitions, concepts, principles and requirements, the students will learn to put into practice an Information Security Program to establish and maintain an ISMS, based on a BEHAVIOUR customized methodology, and supported by several training resources, including several approaches, templates and other tools that will be useful so students may be able to apply their knowledge in a real-world context.

The students will be challenged with a series of exercises, supported by BEHAVIOUR and in-class drafted templates, were the learned knowledge and acquired expertise will came into practice. Exercises such as the understanding of the organization drivers; the information security context establishment, including the information security issues, ISMS interested parties and scope definition; assessing the current and target state to draft the basis for a gap analysis; establish the process and draft an practical approach for assessing and treatment of risk and opportunities, including information security risks; draft the Statement of Applicability (SOA) and the risk treatment plan; establish the information security objectives and plans for their achievement; identify and create plans, processes and procedures to support the ISMS; establish the approach for performance evaluation, including the definition of measures and indicators, internal audits and management reviews; draft the basis for the continual improvement process, including the procedure and template for managing findings; among others, as applicable, are important to allow the implementation of the standard in an organization.

The fundamental knowledge of the Information Security 27001 Foundation course is included, so it is not a prerequisite or a training path.

Course manual updated in with the last released editions of all the related best practices. It also considers the two ISO/IEC 27001 corrections (COR 1:2014 and COR 2:2015) that were released after the last version of ISO/IEC 27001 was published, and the last draft of the new ISO 27002.

Audience

This course is intended to:

Information Security and/or IT Consultants, Auditors, Managers or Risk Professionals participating on an ISMS implementation based on ISO/IEC 27001

CISO, CIO, CSO or any Executive or Senior Manager responsible to ensure the alignment and delivery of value using an ISMS based on ISO/IEC 27001 to maintain Information Security on their organization

Experts responsible for the Information Security/IT Governance on the organization

Project managers leading or preparing to lead an ISO/IEC 27001 implementation program

Any professional, either, IT, information security, business or any other, involved on the establishment, implementation, operations and/or continual improvement of an Information Security Management System (ISMS) based on ISO/IEC 27001

Anyone who wants to acquire the knowledge needed to implement an ISO/IEC 27001 ISMS

Program

1.Introduction to Information Security, the ISO/IEC 27001 standard and, related best practices

2.Establish (Plan) an ISMS based on ISO/IEC 27001

3.Implement and Operate (Do) an ISMS based on ISO/IEC 2700

4.Monitor and Review (Check) and, Maintain and Improve (Act) an ISMS based on ISO/IEC 27001; Advance for the ISO/IEC 27001 Certification Audit

5.Certified Information Security 27001 Lead Implementer (CIS27001LI) Exam

Learning Objectives

At the end of this course students will be able to:

Understand the fundamental information security concepts, and the main requirements and controls of ISO/IEC 27001

Get to know and understand the correlation of the ISO/IEC 27000 family standards, including ISO/IEC 27001, ISO/IEC 27002, and related ISO and other best practices, legislation and regulation

Establish, implement, maintain, and continually improve an Information Security Management System (ISMS), in accordance with the requirements of the ISO/IEC 27001 International Standard

Understand and know how to implement and operate an ISMS in the context of an organization, including the required processes, techniques, and tools

Assess and treat risks and opportunities to successfully achieve the information security objectives in response to the organization objectives

Identify, draft and implement the required information security controls based on ISO/IEC 27002 best practices, including the approach for managing information security incidents and ensuring information security during business continuity

Identify and draft the ISMS required documented information, including templates for policies, processes, procedures, among others required

Understand and implement the performance evaluation requirements, including the approaches for monitoring and measure the ISMS, the internal audit program, and the management review

Identify and respond to the ISMS continual improvement requirements based on the continual changes in the context of an organization

Advise an organization on the latest information security best practices in support to the information security and business objectives

Lead the organization to the achievement of the ISO/IEC 27001 certification.

General Information

Formação na língua portuguesa ou inglesa.

Manual online do curso em Inglês, com cerca de 300 páginas contendo informação e exemplos práticos, com acesso online durante 1 ano. Se pretender, pode adquirir o manual em formato papel.

Metodologia prática de implementação passo-a-passo.

Certificado digital de Frequência de Formação Behaviour com 31 créditos CPD/CPE.

Exame de Certificação, presencial ou online, em Português e Inglês. O exame pode ser realizado até 1 ano, após a conclusão do curso.

Diploma digital de Certificação e Insígnia digital de Certificação, após sucesso no exame e conclusão do processo de candidatura. Este registo não tem qualquer custo associado.

Se o candidato não for aprovado no exame, tem o direito a uma nova tentativa gratuita dentro de um período máximo de 12 meses, a contar da data do exame inicial.

perguntas frequentes

Como posso contactar o organizador se tiver questões?

More informations about program, dates and prices:https://behaviour-group.com/PT/curso-information-security-27001-lead-implementer/