IS027001 - ISO/IEC 27001 Foundation (Based on ISO27001:2013)
ISO/IEC 27001 (ISO 27001) is an international standard for Information Security management. It provides a model to establish, implement, maintain and continually improve a risk-managed Information Security Management System (ISMS). The standard forms the basis for effective management of sensitive, confidential information and for the application of information security controls.
This course gives participants foundation-level knowledge of how the standard operates in a typical organization and also covers areas such as Risk Management, Compliance, Cyber Security, and Information Management & Analysis.
- The scope and purpose of ISO/IEC 27001 and how it can be used.
- The key terms and definitions used in the ISO/IEC 27000 series.
- The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement.
- The processes, their objectives and high-level requirements.
- Applicability and scope definition requirements.
- Use of controls to mitigate IS risks.
- The purpose of internal audits and external certification audits, their operation and the associated terminology.
- The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.
This qualification is aimed at those who are:
- Internal managers and personnel working to implement, maintain and operate an ISMS within an organization.
- External consultants supporting an organization’s implementation, maintenance and operation of an ISMS.
- Internal auditors who are required to have an applied knowledge of the standard.
There are no pre-requisites for this course.
Delegates who successfully complete the course and pass the exam will be recognized as ISO27001 Foundation certified under the APMG certification scheme.
Delegates who do not meet the requirements stipulated in the pre-requisites stated above, or who fail the exam, will be awarded a course attendance certificate only.