Management Training

ISO/IEC27002 Information Security Foundation

Closely aligned with the ISO27001 Standard, ISO27002 serves as a practical guideline for all members of staff as they initiate, implement and maintain an information security programme. An understanding of the best practice guidance as outlined in ISO27002 is essential to ensure the compliance to ISO27001 in any organisation. The ISO27002 ISMS Foundation Course delivers a comprehensive education in ISO27002 best practice and a recognised industry standard certification awarded by EXIN.

Who should attend this course?
  • This course is meant for all roles responsible for initiating, implementing or maintaining information security management systems (ISMS).
  • Every employee, from administrative workers to the CEO, dealing with valuable information.
Prerequisites

There are no formal entry requirements. The course is designed to provide a comprehensive introduction to information security management. Given the close relationship of ISO27002 with ISO27001, we strongly recommend that delegates attend the ISO27001 ISMS Foundation Course prior to taking this course

Training Description

During this course, participants will learn, through a number of interactive sessions, the most significant aspects of the ISO27002 standard, its objectives, requirements, value to the organization, and its relation with the ISO27001 standard as well as with other standards. Additionally, participants will learn about the benefits and improvements that may be achieved by organizations that have an ISO27001-certified ISMS.

Course objectives

  • Learn the importance of confidentiality, integrity and availability of information.
  • Learn the types of risks, threats and damages, and the available risk strategies and the security measures you can take.
  • Get insight in the security policy and organization, inclusive code of conduct, ownership, and roles and responsibilities.
  • Be able to react to and manage security incidents.
  • Learn the various security measures: physical, technical and organizational.
  • Be aware of the most important legislations and regulations.

Introduction to Information Security

  • Information
  • Information Management
  • Reliability Aspects
  • Secure Information Systems Design
  • Operational Processes and Information
  • Information Architecture

Threats and Risks

  • Risk Management
  • Risk Analysis
  • Threats
  • Damage
  • Strategies
  • Guidelines for Implementing Security Measures

Approach and Organization

  • Security policy
  • Information Security Organization
  • Code of Conduct
  • Business Assets
  • Roles
  • Incident Management

Security Measures

  • Types of Security Measures
  • Risks and Security Measures
  • Information Classification
  • Physical Security Measures
  • Technical Measures
  • Organizational Security Measures

Legislation and Regulations

  • Compliance
  • Importance of Legislation and Regulations
  • Information Security Legislation
  • Legislative Acts
  • Information Security Regulations
  • Legislation and Regulations Measures

ISO/IEC 27000 standards

  • Introduction
  • ISO/IEC 27001
  • ISO/IEC 27002

Qualification Scheme

  • Qualification Scheme
  • EXIN contact information

Exam Description

  • Exam format
  • EXIN’s exam content
  • Tips for answering the exam

Review, Evaluation and Examination

  • General review
  • Sample exam
  • Sample exam review
  • Course evaluation
  • Course certificate
  • Certification exam

Practical information

Duration

2 Days

Languages

EN

Price

€1060,00 + 21% VAT

Location

Classroom Courses

Schedule

Guaranteed to run

English courses
15/2 - 16/2Book
10/5 - 11/5Book
01/9 - 02/9Book
20/12 - 21/12Book

Share this course on

Book your training

Enter your information to confirm your booking.

    Prerequisite test

    Looking for a tailor made solution?