An understanding of the structure of the standard
An understanding of the underlying philosophy and the principles, concepts and requirements of information Security and how to apply them within an audit context,
An appreciation of the importance of controlling Information Security in all types of business activities,
A basic knowledge of Information Security Issues;
An appreciation of Risk Analysis process
A detailed review and interpretation of the main requirements of ISO.IEC 27001:2013;
Insight of the importance of Information Security Legislation
Expertise on how to use Annexure A of ISO/IEC 27001:2013;
An appreciation of documented management systems to control Information Security;
This course is not only arequirement for those who are to be used for internal information securityaudits, but also an essential course for Senior Management, InformationSecurity Managers and Line Management who wish to have and be part of a successfuland effective Information Security System.
Recap of ISMS concepts and principles- Information Asset,Risk, Risk Assessment, Threat, and Vulnerability.
Detailed Review of ISO/IEC 27001:2013 - Examination of requirements of the standard
Review Annexure A of ISO/IEC 27001:2013 along with significantchanges.
Consolidate learning through Quiz on ISO/IEC 27001:2013 andExercise on new elements of Annexure A.