Information Security Management System (ISO 27001:2013) Specialist and Internal Auditor Certification Training
- 21 December 2023
- Posted by: admin
Name of Training | Information Security Management System (ISO 27001:2013) Specialist and Internal Auditor Certification Training |
Educator’s Name, Surname | |
Education Place | |
Education History | |
Education Time | 30 hours or 5 person-days (6 hours/day) |
Education Fee |
Purpose of Education |
|
Benefits of Education |
|
Destination |
|
Contents | 1. Basic Concepts
   a. What is information?
   b. Elements that embody knowledge
   c. Information security components
2. Ensuring Information Security awareness
   a. Information security principles
   b. Information security incidents
3. ISO 27001:2013 standard articles
   a. Introduction
   b. Scope
   c. Referenced Standards and/or Documents
   d. Terms and Definitions
   e. Context (Framework) of the Organization
   f. Leadership
   g. Planning
   h. Support
   i. Operation
   j. Performance Evaluation/Measurement
   k. Improvement
   l. APPENDIX A: Reference Control Objectives and Controls
      5. Information security policies
      6. Organization of information security
      7. Human Resources Security
      8. Asset Management
      9. Access Control
      10. Cryptography
      11. Physical and Environmental Security
      12. Operations Security
      13. Communications Security
      14. System Acquisition, Development and Maintenance
      15. Supplier Relationships
      16. Information Security Incident Management
      17. Information Security Aspects of Business Continuity Management
      18. Compliance
4. Internal audit
   a. Audit types
   b. What is internal audit?
   c. Benefits of internal audit
   d. Audit process
      i. Pre-audit (planning, preparation)
      ii. Implementation (opening meeting, audit, identification and writing of nonconformities, closing meeting)
      iii. Post-audit (reporting, follow-up and closure)
   e. Auditor characteristics and recommendations
5. Exam |
Related Topics | Management System, Internet, Cyber, Information Security, Risk Management, Information Security Threats, ISO 27001, ISO 27002, Vulnerability, Password Management, Network Security, Equipment Security, Legal Compliance, Mobile Devices, Remote Working, Information Transfer, Penetration Tests, Malware, Change Management, Capacity Management, Clear Desk and Clear Screen, Cable Security, Physical Access Control, Key Management, Access Rights, Portable Media, Classification of Information, Asset Inventory, Conditions of Employment, Employee Training and Awareness, Information Security Roles, Authorities, Special Interest Groups, Project Management, Systems Engineering, Software Development, Acceptance Testing, Test Data, Backup, Emergency, Business Continuity, Protection of Corporate Records, Archive, Personal Information, Intellectual Property Rights |
Who Can Participate | There are no prerequisites for participants. Anyone interested in the topics covered in the content can participate. |