Search Results

9 Products Found:

Our Price: $1,995.00

SKU: 29100-CLPI-LI-V |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five-day intensive course enables Virtual Participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".


General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 29100-CLPI-LI |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK

SUMMARY
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".

General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 27001-MS |

ISO / IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEM CERTIFICATION

BUILD A REPUTATION AS A COMPANY THAT KEEPS ITS INFORMATION SAFE WITH THE ISO/IEC 27001 CERTIFICATION

SUMMARY
The ISO/IEC 27001 Information Security Management standard helps organizations to keep their information assets secure, by building an information infrastructure against the risks of loss, damage or any other threat.

Companies that certify their management system against ISO/IEC 27001 validate that the security of financial information, intellectual property, employee details, or information entrusted from third parties is being successfully managed and continually improved in accordance with widely accepted best practices and the standard’s framework.

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR ORGANIZATION:
• Provides senior management involved in information security with an efficient management process
• Provides you with a competitive advantage due to customer trust and market share
• Reduces costs due to incident and threat minimization
• Demonstrated compliance with customer, regulatory and/or other requirements
• Sets out areas of responsibility across the organization
• Communicates a positive message to staff, customers, suppliers and stakeholders
• Integration between business operations and information security
• Alignment of information security with the organization’s objectives
• Seizing opportunities to put forward true value through enhancement of marketing

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR CUSTOMERS:
• Keeps intellectual property and valuable information secure
• Provides customers and stakeholders with confidence in how you manage risk related to information security
• Secures exchange of information
• Ensures that you are meeting your legal obligations
• Manages and minimizes risk exposure
• Cost savings for rework, damages and waste

UNDERSTANDING THE CERTIFICATION PROCESS
ISO/IEC 27001 certification (also known as “registration”) is granted by a third-party, such as PECB, upon verifying through an audit that the organization is in compliance with the requirements of the ISO/IEC 27001 standard. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.


Step 1. Pre-Audit (Optional)- It must be done at least 3 months before Certification Audit


Step 2. Audit Plan - Plan for audit has to be mutually agreed


Step 3. Audit Stage 1 & 2 - Non-conformities must be closed at least 3 months after audit conclusions


Step 4. Initial Certification - Certificate will be issued within 2 weeks after successful audit closing
Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

• Surveillance Audit Stage 1 - No longer than 12 months from the initial certification audit
• Surveillance Audit Stage 2 - No longer than 12 months from the 1st surveillance audit

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole. 


PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/ 

Our Price: $1,995.00

SKU: 27002-Lead Mgr-V |

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002. (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1
- Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2
- Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3
- Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4
- Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 27002-Lead Mgr |

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002.

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1
- Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2
- Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3
- Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4
- Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,679.00

SKU: 27002-Mgr |
MASTERING THE FUNDAMENTAL PRINCIPLES AND CONCEPTS OF AN INFORMATION SECURITY CONTROL BEST PRACTICES BASED ON ISO/IEC 27002

SUMMARY
This three-day intensive course enables participants to develop the expertise needed to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27002.

Participants will also be given a thorough grounding in best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects).


Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function

Course Agenda

Day 1 - Introduction to Information Security Management System (ISMS) concepts as required by ISO 27002

▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security
▶▶Human resource security

Day 2 - Human resources, Asset Management and Access Control according to ISO 27002

▶▶Asset Management
▶▶Access Control
▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security

Day 3 - Operations and communications security and Certification Exam

▶▶Communications Security
▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam

General Information
▶▶ Exam and certification fees are included in the training price
▶▶A student manual containing over 350 pages of information and practical examples will be distributed to the participants
▶▶A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to the participants


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,200.00

SKU: 27002-Mgr |
MASTERING THE FUNDAMENTAL PRINCIPLES AND CONCEPTS OF AN INFORMATION SECURITY CONTROL BEST PRACTICES BASED ON ISO/IEC 27002 (3 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This three-day intensive course enables participants to develop the expertise needed to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27002.

Participants will also be given a thorough grounding in best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects).


Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function

Course Agenda

Day 1 - Introduction to Information Security Management System (ISMS) concepts as required by ISO 27002

▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security
▶▶Human resource security

Day 2 - Human resources, Asset Management and Access Control according to ISO 27002

▶▶Asset Management
▶▶Access Control
▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security

Day 3 - Operations and communications security and Certification Exam

▶▶Communications Security
▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam

General Information
▶▶ Exam and certification fees are included in the training price
▶▶A student manual containing over 350 pages of information and practical examples will be distributed to the participants
▶▶A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to the participants


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,995.00

SKU: 27001-LA-V |
MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO 19011 AND ISO/IEC 17021 (5 Day Course for Virtual Participants Only)

SUMMARY
This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

Learning Objectives
▶To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
▶▶To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
▶▶To acquire necessary expertise for managing an ISMS audit team
▶▶To understand the operation of an ISO/IEC 27001

Day 1 
- Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001

▶▶ Normative, regulatory and legal framework related to Information Security
▶▶ Fundamental principles of Information Security
▶▶ The ISO/IEC 27001 certification process
▶▶ Detailed presentation of the clauses of ISO/IEC 27001

Day 2 
- Planning and initiating an ISO/IEC 27001 audit

▶▶Fundamental audit concepts and principles
▶▶Audit the approach based on evidence and on risk
▶▶Preparation of an ISO/IEC 27001 certification audit
▶▶Documenting of an ISMS audit

Day 3
- Conducting an ISO/IEC 27001 audit

▶▶Communication during the audit
▶▶Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
▶▶Drafting test plans
▶▶Formulation of audit findings, drafting of nonconformity reports

Day 4
- Concluding and ensuring the follow-up of an ISO/IEC 27001 audit

▶▶Audit documentation
▶▶Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
▶▶Evaluation of corrective action plans
▶▶ISO/IEC 27001 surveillance audit and audit management program

Day 5 - Certification Exam


PECB Certified ISO/IEC 27001 Lead Auditor exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Lead Auditor.

▶▶ Certification fees are included in the exam price

▶▶ Participant manual contains more than 450 pages of information and practical examples

▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. 
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
 
http://www.grcsphere.org/ 

Our Price: $2,795.00

SKU: 27001-LA |
MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO 19011 AND ISO/IEC 17021

SUMMARY
This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

Learning Objectives
▶To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
▶▶To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
▶▶To acquire necessary expertise for managing an ISMS audit team
▶▶To understand the operation of an ISO/IEC 27001

Day 1
- Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001

▶▶ Normative, regulatory and legal framework related to Information Security
▶▶ Fundamental principles of Information Security
▶▶ The ISO/IEC 27001 certification process
▶▶ Detailed presentation of the clauses of ISO/IEC 27001

Day 2
- Planning and initiating an ISO/IEC 27001 audit

▶▶Fundamental audit concepts and principles
▶▶Audit the approach based on evidence and on risk
▶▶Preparation of an ISO/IEC 27001 certification audit
▶▶Documenting of an ISMS audit

Day 3 -
Conducting an ISO/IEC 27001 audit

▶▶Communication during the audit
▶▶Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
▶▶Drafting test plans
▶▶Formulation of audit findings, drafting of nonconformity reports

Day 4 - Concluding and ensuring the follow-up of an ISO/IEC 27001 audit

▶▶Audit documentation
▶▶Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
▶▶Evaluation of corrective action plans
▶▶ISO/IEC 27001 surveillance audit and audit management program

Day 5 - Certification Exam

PECB Certified ISO/IEC 27001 Lead Auditor exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Lead Auditor.

▶▶ Certification fees are included in the exam price

▶▶ Participant manual contains more than 450 pages of information and practical examples

▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. 
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
 
http://www.grcsphere.org/