Synposis
Outline
Objectives
Audience
Certification & Exam Info
Prerequistes
Synposis

This course is a two-day classroom training relevant for professionals who play a role in establishing the ISO/IEC 27000 standard. This course is designed for IT professionals, consultants who play a role in the ISO/IEC 27000 implementation or in providing support around ISO/IEC 27000 certification. Practical examples and case studies are used to guide you through the implementation route and prepare you to conduct a ISO/IEC 27000 assessment or audit. At the end of the three-day classroom training the APMG certification exam can be taken. This training does not cover audit techniques or the issues involved in preparing an organization for an audit.

Outline
  • Introduction to and background of ISO/lEC 27000.
  • The certification scheme.
  • ISO/IEC 27000 Standards family overview
  • ISO/IEC 27001 and Annex A in detail.
  • The use and application of ISO/lEC 27000.
  • The implementation of ISO/IEC 27000.
  • Preparing for a formal audit.
  • ISO/IEC 27000 scoping and applicability.
  • Exam practice and preparations.
Objectives

The purpose of the practitioner qualification is to confirm whether the candidate has achieved sufficient understanding of ISO/IEC 27001 and its application in a given situation.

On completion of this training course, delegates will be able to:

  • Apply the principles of ISMS policy and its information security scope, objectives, and processes within an organizational context.
  • Apply the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security.
  • Analyze and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement.
  • Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS.
  • Understand, create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001.
  • Identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001.
Audience

This qualification is aimed at those who are:

  • Internal managers and personnel working to implement, maintain and operate an ISMS within an organization
  • External consultants supporting an organization’s implementation, maintenance and operation of an ISMS.
  • Internal auditors who are required to have an applied knowledge of the standard
Certification & Exam Info

Delegates who successfully completed the course and pass the exam will be recognized as “Practitioner – Information Security Officer” under the APMG certification scheme.

 For those delegates who do not meet the requirements stipulated in pre-requisites stated above or fail the exam would be awarded a course attendance certificate only.

Exam Format

  • Objective Testing
  • 4 questions per paper with 20 marks available per question
  • 40 marks or more required to pass (out of 80 available) - 50%
  • 2½ hour duration
  • Open book.
Prerequistes

Candidate must hold the APMG ISO/IEC 27000 Foundation certificate

Related Events

There are no upcoming events at this time.

Brochure