This course is a two-day classroom training relevant for professionals who play a role in establishing the ISO/IEC 27000 standard. This course is designed for IT professionals, consultants who play a role in the ISO/IEC 27000 implementation or in providing support around ISO/IEC 27000 certification. Practical examples and case studies are used to guide you through the implementation route and prepare you to conduct a ISO/IEC 27000 assessment or audit. At the end of the three-day classroom training the APMG certification exam can be taken. This training does not cover audit techniques or the issues involved in preparing an organization for an audit.
- Introduction to and background of ISO/lEC 27000.
- The certification scheme.
- ISO/IEC 27000 Standards family overview
- ISO/IEC 27001 and Annex A in detail.
- The use and application of ISO/lEC 27000.
- The implementation of ISO/IEC 27000.
- Preparing for a formal audit.
- ISO/IEC 27000 scoping and applicability.
- Exam practice and preparations.
The purpose of the practitioner qualification is to confirm whether the candidate has achieved sufficient understanding of ISO/IEC 27001 and its application in a given situation.
On completion of this training course, delegates will be able to:
- Apply the principles of ISMS policy and its information security scope, objectives, and processes within an organizational context.
- Apply the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security.
- Analyze and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement.
- Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS.
- Understand, create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001.
- Identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001.
This qualification is aimed at those who are:
- Internal managers and personnel working to implement, maintain and operate an ISMS within an organization
- External consultants supporting an organization’s implementation, maintenance and operation of an ISMS.
- Internal auditors who are required to have an applied knowledge of the standard
Delegates who successfully completed the course and pass the exam will be recognized as “Practitioner – Information Security Officer” under the APMG certification scheme.
For those delegates who do not meet the requirements stipulated in pre-requisites stated above or fail the exam would be awarded a course attendance certificate only.
- Objective Testing
- 4 questions per paper with 20 marks available per question
- 40 marks or more required to pass (out of 80 available) - 50%
- 2½ hour duration
- Open book.
Candidate must hold the APMG ISO/IEC 27000 Foundation certificate
There are no upcoming events at this time.