
ISO 27001 Information Security Officer English

Description

Over the course of three days, we will train you to become an Information Security Officer in accordance with ISO 27001. We take an in-depth and clear look at the planning, implementation and continuous improvement of an information security management system (ISMS) based on the international standard ISO/IEC 27001.


The Security Officer course builds on the content of the 2-day ISO 27001 Foundation training course. Either attend our ISO 27001 Foundation training course or learn the basics on your own using our ISO 27001 Foundation e-learning module. You can have your knowledge from the e-learning confirmed by the same online certification exam that is taken after the regular training. This allows you to save two additional training days on your way to becoming an Information Security Officer.


Course content

ISO 27001 Information Security Officer INTENSIVE

Our ISO 27001 seminars are based on the current German version of the ISO/IEC 27001 standard, published in 2022. They follow the high-quality qualification program and curricula of the ICO International Certification Organization.

Content of the training

  • Aspects of information security
  • ISMS basics
  • The family of ISMS standards (ISO/IEC 27001)
  • Objectives and measures (controls from Annex A)
  • Related standards and frameworks
  • BSI basic protection compendium with an overview of hazards, system and process modules
  • Components of an ISMS
  • Steps for setting up an ISMS
  • Application of PDCA to the ISMS
  • Sources of requirements and stakeholders
  • Security criteria
  • Governance: security policy, management responsibility, coordination of information security, responsibilities, embedding in IT governance
  • Risk management: inputs and steps, context, risk assessment, risk treatment, risk acceptance, risk communication, risk monitoring
  • Compliance: Applicable laws, protection of intellectual property, confidentiality of personal data, audits and audit security
  • Monitoring, measurement and evaluation of conformity, effectiveness and efficiency of the ISMS
  • Performance indicators
  • Maturity assessment
  • Audits
  • Corrective and preventive measures for improvement

Target group

  • IT security officers and IT managers
  • Information Security Officer (ISO)
  • IT managers and IT project managers
  • IT consultants and IT auditors
  • Data protection officers (DPO)
  • Compliance officers
  • Employees in the IT security area
  • Risk management staff
  • Employees in quality management
  • Managing directors and managers who are responsible for the security of information

Benefits of the training

  • Improved ability to plan, implement and monitor the company's IT security
  • Better understanding of risk assessment and risk treatment
  • Improved ability to identify and address security risks
  • Protect the organization from potential risks and threats from data breaches or cyber-attacks
  • Improved compliance with legal and regulatory requirements
  • Improved business continuity and crisis management
  • Potential cost savings through effective security measures and risk handling
  • Better collaboration between IT and security staff in the company

Agenda

Day 1: 9:00 a.m. to approx. 4:30 p.m.
Day 2: 9:00 a.m. to approx. 4:30 p.m.
Day 3: 9:00 a.m. to approx. 4:30 p.m.

Key points of the training

Day 1
  • Introduction
  • Review of the most important ISMS basics (Foundation content)
  • KRITIS, ITSiG and BSI basic protection
  • BSI standards as further representatives for IS management systems
  • Tension between data protection and information security
  • Basic steps for setting up an ISMS
  • Analysis of ISMS requirements
  • Practical Assignment 1
Day 2
  • Measures in the area of governance
  • Measures in the area of risk management
  • Business impact analysis based on BSI baseline protection
  • Practical Assignment 2
  • Measures in the area of compliance
  • Practical Assignment 3 (optional)
Day 3
  • Review of the ISMS
  • Continuous improvement of the ISMS
  • Measures from Annex A of the ISMS standard (ISO/IEC 27001) in detail - Part I
  • Measures from Annex A of the ISMS standard (ISO/IEC 27001) in detail - Part II
  • Practical Assignment 4 (optional)
  • Measures from Annex A of the ISMS standard (ISO/IEC 27001) in detail - Part III
 
 

Prerequisites

two-day ISO 27001 Foundation training course in advance. On the other hand, those who are familiar with the topic can start directly with the Security Officer training course.

Candidates without a Foundation certificate will only receive an examination certificate after the examination. In order to receive the ISMS Security Officer role certificate, the Foundation exam must also have been successfully completed.

Course fee

2.190,00 €

(2.606,10 € incl. 19% VAT)
per participant


