ISO/IEC 27001 provides a model for creating, implementing, exercising, auditing, maintaining and improving an information security management system. The structure and implementation of the system are based on the needs, objectives, information values, security requirements, processes and other characteristics of an organization.

Main Topics

As a formal specification of the standard, ISO/IEC 27001 defines and comprises the requirements for an information security management system:

• Information Security Management System
• Management responsibility
• Internal ISMS audits
• Management audit of the ISMS
• ISMS Optimization
• Control objectives and controls

The Foundation Training in ISMS according to ISO/IEC 27001 will teach you what an ISMS is and which minimum requirements companies should strive for in connection with ISO/IEC 27001. You will be trained to know and understand the explained terms and concepts.

Goals

The participants understand the scope, objectives, key terminology and high requirements of the ISO/IEC 27001 standard as used in an information security organization and the main elements of the certification process. In particular, they learn:

• The scope and purpose of ISO/IEC 27001 and how it can be used
• The key terms and definitions used in the ISO/IEC 27000 series
• The fundamental requirements for an ISMS in ISO/IEC 27001 and the need for continual improvement
• The processes, their objectives and high level requirements
• Applicability and scope definition requirements
• Use of controls to mitigate IS risks
• The purpose of internal audits and external certification audits, their operation and the associated terminology
• The relationship with best practices and with other related International Standards: ISO 9001 and ISO/IEC 20000.

Requirements

No formal requirements

Target Audience

Internal and external persons who fulfill a role in the area of information security management or have an interest in this standard, even if the company itself is not (yet) certified: executives, management representatives, security officers, information security managers/officers, employees of the audit department, IT managers, IT consultants.

Certificate

ISO/IEC 27001 Foundation Certificate, awarded by APMG

Exam language English / German

Teaching Materials

Teaching material in English includes:

• Student workbook
• Training-slides
• Exam simulator
  

The standard “ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems” is provided and used for training purposes in the course but cannot be handed in for copyright reasons.

Early bird discount

If you book more than 4 months in advance, we offer you a discount of 10% on the course fee

Quantity discount

Motivate your environment. Already with 3 persons in the same course and simultaneous registration we grant interesting discounts on the course fees:

• 3 people on the same course date 10%
• 4 people on the same course date 15%
• 5 people on the same course date 20%

The discounts are not cumulative – the highest discount always applies.

Book directly

We offer most onsite courses in hybrid mode. You have the possibility to participate remotely in the onsite trainings. Simply check the appropriate box when registering.