ISO/IEC 27001 Lead Implementer
Why Should You Attend?
During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.
Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.
This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who Should Attend?
- Project managers and consultants involved in and concerned with the implementation of an ISMS
- Expert advisors seeking to master the implementation of an ISMS
- Individuals responsible for ensuring conformity to information security requirements within an organization
- Members of an ISMS implementation team
Learning Objective
Upon successfully completing the training course, participants will be able to:
- By the end of this training course, the participants will be able to:
- Explain the fundamental concepts and principles of an ISMS management system (ISMS) based on ISO/IEC 27001
- Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an implementer
- Initiate and plan the implementation of an ISMS based on ISO/IEC 27001, by utilizing PECB’s IMS2 Methodology and other best practices
- Support an organization in operating, maintaining, and continually improving an ISMS based on ISO/IEC 27001
- Prepare an organization to undergo a third-party certification audit
Educational Approach
This training course is participant centered and:
- This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
- The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The exercises are based on a case study.
- The structure of the quizzes is similar to that of the certification exam.
Prerequisites
The main requirement for participating in this training course is having a general knowledge of the ISMS concepts and ISO/IEC 27001.
Course Agenda
Day 1: Introduction to ISO/IEC 27001 and initiation of an ISMS
- Training course objectives and structure
- Standards and regulatory frameworks
- Information Security Management System (ISMS)
- Fundamental information security concepts and principles
- Initiation of the ISMS implementation
- Understanding the organization and its context
- ISMS scope
Day 2: Planning the implementation of an ISMS
- Leadership and project approval
- Organizational structure
- Analysis of the existing system
- Information security policy
- Risk management
- Statement of Applicability
Day 3: Implementation of an ISMS
- Documented information management
- Selection and design of controls
- Implementation of controls
- Trends and technologies
- Communication
- Competence and awareness
- Security operations management
Day 4: ISMS monitoring, continual improvement, and preparation for the certification audit
- Monitoring, measurement, analysis, and evaluation
- Internal audit
- Management review
- Treatment of nonconformities
- Continual improvement
- Preparing for the certification audit
- Certification process and closing of the training course
Day 5: Certification Exam
General Information
Certification fees are included in the exam price.
Participants will be provided with the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes.
An attendance record worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
In case candidates fail the exam, they can retake it within 12 months following the initial attempt for free.
