Information security is paramount for any organization to stay in business. Almost daily, there’s news that another database has been hacked or data is corrupted in some way. Most organizations have information security controls, but many do not implement and manage information security management systems (ISMS) that:
· Systematically examine information security risks, threats, vulnerabilities, and impacts
· Manage a comprehensive complement of information security controls to address unacceptable risks, and
· Employ a process-based strategy to ensure that the information security controls are adequate and continually improving.
Who Should Attend:
This course has no pre-requisites and is highly recommended for anyone who will audit, design, implement, maintain and/or improve an ISMS. Anyone who wants to further their knowledge of the ISO standard, should attend.
Recommended follow-up courses:
· High Level Leadership
· Effective Root Cause Analysis
· The key elements of an information security management system
· Management of documents/records, deviations, corrective and preventive actions
· What internal audits are and why they are conducted
· The “Plan-Do-Check-Act” principle
· Management responsibility and review
· Monitoring audit results, corrective and preventive actions
· What preparatory work should be carried out before an audit
· What to pay attention to during the audit
· How to report and follow up on findings.