This two-day training offers you a hands-on approach to operate the ISMS and allows you to apply the requirements of ISO 27001 in an organizational context.
This course also prepares you effectively for the official ISO/IEC 27001 Practitioner Certification Exam, which is taken within the framework of the session.
During these 2 days of training, each participant will learn to:
Apply the principles of an ISMS policy to its scope, objectives and processes in the specific context of an organization
Apply risk management principles including identification, analysis and evaluation, and propose appropriate treatment actions and controls to reduce information security risks, support business objectives, and improve information security
Analyze and evaluate risk-management actions and controls to assess their effectiveness and opportunities for continuous improvement
Analyze and evaluate the effectiveness of the ISMS through internal audits and management reviews to continuously improve the relevance, adequacy and effectiveness of the ISMS
Understand, create, apply and evaluate the adequacy, relevance and effectiveness of the documented information and records required by ISO 27001
Identify and implement appropriate corrective actions to maintain ISMS compliance with ISO/IEC 27001
Introduction, context and definitions
What is the ISO/IEC 27001:2013 Standard?
History and state of the art
What is an ISO/IEC 27001 practitioner?
Current state of the Standard
Preparation for ISMS
Top management leadership
Policy and objectives
Integration with the daily operation
Resources – Roles and responsibilities
Information security policies
The organization for security
Physical and environmental security
Security of operations
Acquisition, development and maintenance of systems
Security incident management
Security and business continuity
Exam Preparation ISO 27001 Practitioner
Tips and tricks for passing the exam
Mock exam and group correction
Who should attend?
The ISO/IEC 27001 Practitioner Course (APMG Certification) is intended primarily for professionals involved in information security management:
In-house managers and staff working to implement, maintain and operate an organization's ISMS
External consultants involved in the implementation, maintenance and operation of an Information Security Management Framework (ISMS)
Internal auditors requiring applied knowledge of ISO 27001
Successful completion of the APMG ISO/IEC 27001 Foundation Exam is a prerequisite for taking the ISO/IEC 27001 Practitioner exam.
About the Examination:
The official APMG ISO/IEC 27001 Practitioner exam is included in the training and takes place one to two weeks after the paper course.
It consists of 4 multiple-choice questions, each consisting of 20 sub-questions, and lasts 2 hours and 30 minutes (+40 additional minutes for non-English speaking candidates). Certification is obtained if the candidate obtains at least 40 correct answers (50%). Use of the printed text of the standard is allowed during the examination.
It is important to note that, for the moment, the exam is conducted in English only. There is currently no translation plan provided by APMG.