implementing the information security management …

OBJECTIVE

IMPLEMENTING THE INFORMATION SECURITY MANAGEMENT SYSTEM (ISO/IEC 27001:2013) WITHIN YOUR ORGANISATION

This course introduces the Information Security Management System structure and explores the requirements of ISO/IEC 27001:2013. It will assist participants with the implementation of an Information Security Management System within the organization.

1. Understand the requirements of ISO/IEC 27001:2013 and understand what needs to be implemented;

2. Appreciate the significance of organizational context and adopting a risk-based approach;

3. Grasp the application of risk-based thinking, leadership and process management;

4. Describe the requirements in Annex A (normative), relating to the reference control objectives and controls;

5. Grasp the information security best practices according to ISO/IEC 27001:2013;

6. Prepare and develop the required skills for an ISO/IEC 27001:2013 implementation and audit.

FEE : RM3,100.00 (subject to 6% SST)


Post on 23-Apr-2022



GET IN TOUCH 03 - 8800 7999 [email protected] www.cyberguru.my

TRAINER

En. Shukri Safi’e
Security Consultant, Nexagate Sdn Bhd

• Certified ISMS/ISO 27001 Lead Auditor
• Certified QMS/ISO 9001 Lead Auditor (Integrated)
• Certified OHSMS/OHSAS 18001 Lead Auditor (Integrated)
• Certified Safety & Health Officer
• Kaapagam Certified Professional

Experience

• More than 4 years’ experience in ICT and Management Systems Consultancy and Services, specialized in Information Security, Quality, Occupational Health & Safety, Environmental and Asset Management Services

• Project experience in ISMS, Security Risk Management, QMS, OHSMS, EMS, AMS and FSSC

• Clients include MOF-CDC, JPA, JPB, JPL, LSSPI, TNB, TERAS Teknologi, Sabah Ports, EJSB, NRSB, A1CCS, AirAsia, ADV Fusionex

AGENDA

Module 1: Information Security Landscape

• Information Security Fundamentals
• Recent Issues and Case Studies

Module 2: Information Security Management System Clause Requirement

• Context of the Organization
• Leadership
• Planning
• Support
• Operation
• Performance evaluation
• Improvement

Module 3: Information Security Management System Control Requirement

• Information Security Policies
• Organization of Information Security
• Human Resource Security
• Asset Management
• Access Control
• Cryptography
• Physical and Environmental Security
• Operations Security
• Communications Security
• System Acquisition, Development and Maintenance
• Supplier Relationships
• Information Security Incident Management
• Information Security Aspects of Business Continuity Management
• Compliance

Module 4: Course Assessment

• A multiple-choice question assessment
