Overview:

ISO/IEC 27002 is an international standard that gives guidelines for the best Information Security management practices. These management practices will help your organizations to build confidence in their inter-organizational activities and implement a suitable set of controls, including policies, processes, organizational structures and software and hardware functions. This standard is a generic document used as a reference for selecting controls within the process of Information Security Management System implementation. ISO/IEC 27002 is intended to be used by all types of organizations, including public and private sectors, commercial and non-profit and any other organization which faces information security risks.

ISO/IEC 27002 Manager training enables you to acquire the necessary knowledge to support an organization in implementing and managing Information Security Controls based on ISO/IEC 27002. During this training course, you will also gain a thorough understanding of best practices of Information Security Controls.

After understanding all the necessary concepts of Information Security Controls, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27002 Manager” credential.  By holding a PECB Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to implement and manage Information Security controls in an organization.

Duration:  03 days

Objectives:

• Acknowledge the correlation between ISO/IEC 27002 and ISO/IEC 27001
• Understand the implementation of Information Security Controls in accordance with ISO/IEC 27002
• Develop the expertise to support an organization to effectively implement, manage and maintain Information Security Controls
• Understand the formulation and implementation of Information Security requirements and objectives

Intended Audience: 

• Managers seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Individuals responsible for Information Security in an organization
• Information Security team members
• Expert advisors in information technology
• IT professionals
• Privacy officers
• Information Security officers

Course outlines:

1. Day 1: Introduction to Information Security controls as recommended by ISO/IEC 27002
2. Day 2: Information Security requirements and objectives based on ISO/IEC 27002
3. Day 3: Monitoring, measurement, analysis and evaluation of Information Security Controls and Certification Exam