Information Security Management Systems
Details
- Map the difference between ISO 27001:2005 and ISO 27001:2013
- Upgrade your existing ISMS to be fully compliant with ISO 27001:2013
- Be equipped for 2nd and 3rd party information security audits
- Acquire and implement flexibility of choice for Risk Assessment where ‘asset owners’ are now ‘risk owners’
- Implement an effective & efficient information security management system
- Learn how to map your stakeholders and interested parties
- Strategically link ISO 31000, ISO 22301 to your Risk Register
APEX Global Learning offers standard promos such as the Early Bird rate or the Group Discount rate. Please contact [email protected] for more information.
Outline
- Processes and Metrics
- Processes defined
- Business Process Thinking
- Types of business processes
- Metrics definitions
- Process and metrics planning
- Aligning process levels to metrics levels – hierarchy
- Introduction to management systems and the process approach
- Fundamental principles of information security
- Defining the scope of an ISMS
- Selection of the approach and methodology for risk assessment
- Risk assessment approach as per ISO 31000 <Exercise>
- Drafting the statement of applicability <Exercise>
- Implementation of a document management framework
- Design of controls and writing procedures
- Development of a training & awareness program and communicating about information security
- Development of metrics, performance indicators & dashboards
- ISO 27001 internal audit <Exercise>
- Management review of an ISMS
- Implementation of a continuous improvement program
- Domains (increased from 11 to 14) & Controls (reduced from 133 to 114)
- Beyond PDCA
- Requirements on interested parties
- Objectives, monitoring, and measurement
- Roadmap from the ISO 27001:2005 version to the 2013 version
- List of mandatory & non-mandatory documents and records
- Preparation for Stage 1
- Preparation for Stage 2
Our sole aim is to promote performance excellence among professionals. We help our customers achieve greater success through effective, experiential, and results-oriented training delivery. APEX Global (The Academy for Professional Excellence) is the learning solutions arm of ECCI—the leading process improvement solutions provider in Southeast Asia. Our professional development solutions cover Training and Conferences, Managed Services and Learning on Demand. We organize public training and in-house workshops tailored to specific organizations. We help companies manage their non-core yet critical training function through end-to-end training management, starting from planning and needs analysis to program evaluation and records management. The Learning on Demand products we offer provide convenient and innovative ways of learning.
Applying the experience of training over 100,000 professionals in the last decade, a strong pool of expert trainers and facilitators with expertise in a niche array of domains and a strong regional presence, we provide an extensive portfolio of high-quality industry-specific and functional programs coupled with high-quality training materials to deliver our ultimate “promise”—the R.E.A.L. learning experience ...