IMPLEMENTING THE INFORMATION SECURITY MANAGEMENT SYSTEM (ISO/IEC 27001:2013) WITHIN YOUR ORGANISATION
This course introduces participants to the Information Security Management System structure and explores the requirements of ISO/IEC 27001:2013. It will assist participants with the implementation of an Information Security Management System within the organization.
OBJECTIVE
1. Understand the requirements of ISO/IEC 27001:2013 and understand what needs to be implemented;
2. Appreciate the significance of organizational context and adopting a risk-based approach;
3. Grasp the application of risk-based thinking, leadership and process management;
4. Describe the requirements in Annex A (normative), relating to the reference control objectives and controls;
5. Grasp the information security best practices according to ISO/IEC 27001:2013;
6. Prepare and develop the required skills for an ISO/IEC 27001:2013 implementation and audit.
FEE : RM3,100.00 (subject to 6% SST)
GET IN TOUCH 03 - 8800 7999 [email protected] www.cyberguru.my
TRAINER
En. Shukri Safi’e, Security Consultant, Nexagate Sdn Bhd
• Certified ISMS/ISO 27001 Lead Auditor
• Certified QMS/ISO 9001 Lead Auditor (Integrated)
• Certified OHSMS/OHSAS 18001 Lead Auditor (Integrated)
• Certified Safety & Health Officer
• Kaapagam Certified Professional
Experience
• More than 4 years’ experience in ICT and Management Systems Consultancy and Services, specialized in Information Security, Quality, Occupational Health & Safety, Environmental and Asset Management Services
• Project experience in ISMS, Security Risk Management, QMS, OHSMS, EMS, AMS and FSSC
• Clients include MOF-CDC, JPA, JPB, JPL, LSSPI, TNB, TERAS Teknologi, Sabah Ports, EJSB, NRSB, A1CCS, AirAsia, ADV Fusionex
AGENDA
Module 1: Information Security Landscape
• Information Security Fundamentals
• Recent Issues and Case Studies
Module 2: Information Security Management System Clause Requirement
• Context of the Organization
• Leadership
• Planning
• Support
• Operation
• Performance evaluation
• Improvement
Module 3: Information Security Management System Control Requirement
• Information Security Policies
• Organization of Information Security
• Human Resource Security
• Asset Management
• Access Control
• Cryptography
• Physical and Environmental Security
• Operations Security
• Communications Security
• System Acquisition, Development and Maintenance
• Supplier Relationships
• Information Security Incident Management
• Information Security Aspects of Business Continuity Management
• Compliance
Module 4: Course Assessment
• A multiple-choice question assessment