Information Security Management System (ISO 27001:2013) Specialist and Internal Auditor Certification Training

Name of Training Information Security Management System (ISO 27001:2013) Specialist and Internal Auditor Certification Training
Educator’s Name, Surname  
Education Place  
Education History  
Education Time 30 hours or 5 person. day (6 hours / day)
Education Fee
Purpose of Education
  • Learning the Information Security Management System (ISO 27001:2013) at the level of auditing
  • Learning information security concepts
  • Providing awareness about information security incidents
  • Learning the documents required for the implementation of the Information Security Management System
  • Learning the audit process and application
Benefits of Education
  • To have knowledge of a management system that is current and required by law,
  • Having knowledge about industry experiences,
  • To provide added value to people who are in the process of starting their business life, at the start of their employment,
  • To provide people in business life with the opportunity to work in relevant departments and projects within the company,
  • To be able to accurately determine personal precautions in private life by learning information security issues,
  • To have knowledge about SWOT {Strengths, Weaknesses, Opportunities and Threats} (or SWOT) and Environment (PESTS) analyses,
  • Having knowledge about related party analysis,
  • Having knowledge about Process Analysis,
  • Having knowledge about risk management,
  • Having knowledge about document management,
  • To have information about performance evaluation,
  • To have knowledge about internal audit and to conduct internal audit,
  • To have knowledge about the management of nonconformities,
  • Having information about asset inventory,
  • To have knowledge about business continuity management within the scope of information security,
  • To be informed about current information security violation incidents,
  • Having the competence to install an Information Security Management System (ISO27001:2013) in any organization,
Destination
  • Information Security Management System (ISO 27001:2013) specialist certificate,
  • Information Security Management System (ISO 27001:2013) internal auditor certificate,
  • Benefits from education,
Contents 1.      Basic Concepts

a.      What is information?

b.      Elements that embody knowledge

c.      Information security components

2.      Ensuring Information Security awareness

a.       Information security principles

b.       Information security incidents

3.      ISO 27001:2013 standard articles

a.       Entrance

b.       Scope

c.       Referenced Standards and/or Documents

d.       Terms and Definitions

e.       Context (Framework) of the Organization

f.        Leadership

g.       Planning

h.       Support

i.        Operation (Operation)

j.        Performance Evaluation/Measurement

k.       Improvement

l.        APPENDIX A: Reference Control Objectives/Objectives and Controls

5.       Information security policies

6.       Organization of information security

7.       Human Resources Security

8.       Asset Management

9.       Access Control

10.     Cryptography

11.      Physical and Environmental Security

12.      Operational Safety

13.      Communication Security

14.      System Acquisition, Development and Maintenance

15.      Supplier Relations

16.      Information Security Violation Incident Management

17.      Information Security Issues of Business Continuity Management

18.     Rapport

4.     Inner control

a.       Audit types

b.      What is internal audit?

c.       Benefits of internal audit

d.       Audit process

i.          Pre-audit (planning, preparation)

ii.         Implementation (opening meeting, audit, identification and writing of nonconformities, closing meeting)

iii.        Post-audit (reporting, follow-up and closure)

e.        Auditor characteristics and recommendations

5.      Exam

Related Topics Management System, Internet, Cyber, Information Security, Risk Management, Information Security Threats, ISO27001, ISO27002, Vulnerability, Password Management, Network Security, Equipment Security, Legal Compliance, Mobile Devices, Remote Working, Information Transfer, Penetration Tests, Malware, Change Management, Capacity Management, Clean Table Clean Screen, Cable Security, Physical Access Control, Key Management, Access Rights, Portable Media, Classification of Information, Asset Inventory, Conditions of Employment, Employee Training and Awareness, Information Security Roles, Authorities, Special Interest Groups, Project Management, Systems Engineering, Software Development, Acceptance Testing, Test Data, Backup, Emergency, Business Continuity, Protection of Corporate Records, Archive, Personal Information, Intellectual Property Rights,
Who Can Participate There is no participant prerequisite. Anyone who is interested in the current issues in the content can participate.