Why is the planning phase of ISO 27001 so important?
If you don't plan your information security activities carefully, chances are you will miss something important – and that will cost you. This is why ISO 27001 defines very precisely the various steps in the planning phase – the purpose is to set clear direction, but also to take into account everything that can cause security incidents.
According to ISO 27001, the planning phase is rather complex and requires several documents and activities to be done. Risk assessment and treatment are the central part of the planning phase – they set the ground for the implementation phase, by defining which security controls are applicable.
Experience has shown that by doing the planning phase properly right at the beginning of your ISO 27001 project, you will save considerable time and money later on.
Register for this webinar to learn:
- Structure of ISO 27001 standard – Plan-Do-Check-Act cycle
- Overview of the planning phase elements (clause 4.2.1) and their implementation – ISMS scope, ISMS Policy, risk assessment methodology, risk assessment, risk treatment, Statement of Applicability, Risk Assessment Report
- Document and records control (clauses 4.3.2 and 4.3.3) implementation – how to control the approval of your documents, their distribution, ensuring that the documents are up to date, etc.
- Mandatory documents according to ISO 27001 (clause 4.3.1)
- Understanding the three basic concepts of information security
- Filling in the Risk Assessment Table
- Filling in the Statement of Applicability
Wednesday - February 2, 2011 (Duration: 2.5 hours)
10:00 AM London time
11:00 AM Brussels time
3:30 PM (15:30) Mumbai time
7:00 PM (19:00) Tokyo time
Monday - February 14, 2011 (Duration: 2.5 hours)
10:00 AM Los Angeles time
1:00 PM (13:00) New York time
6:00 PM (18:00) London time
7:00 PM (19:00) Brussels time
Tuition: $189 per attendee
What You Receive
- Training by Dejan Kosutic, one of the leading experts for ISO 27001 / BS 25999-2
- 3 workshops
- Download of presentation deck and workshop materials
- Access to webinar recording
- Template of document Risk Assessment Table ($24.90 value)
- Template of document Statement of Applicability ($39.90 value)
- 30 days access to E-learning tutorials ($69.00 value)
- 30 minutes of private consultation with Dejan Kosutic
- Certification & credits: Attendees will receive a Certificate of Completion with 2.5 hours of CPE credits
Target Audience
Professionals with little or moderate experience in ISO 27001, including:
- Chief Security Officers (CSOs)
- Chief Information Security Officers (CISOs)
- Chief Information Officers (CIOs)
- Risk managers
- Compliance managers
- ISO 27001/information security consultants
- ISO 27001/IT auditors
- Members of top management responsible for information security
- All information security practitioners
About the training
This highly interactive live online training (via webinar) is designed to enable you to walk away with important skills for executing the planning phase of ISO 27001 in your organization. It contains 3 workshops in which you practice filling in real ISMS documents. This moderately priced course offers compelling content, downloadable materials and live engagement with an expert consultant with whom you can discuss how to resolve your specific implementation issues. The course includes documentation templates, access to E-learning tutorials and private time with the trainer for consultation on specific issues. You will experience the training right from your desk, eliminating travel costs and minimizing lost time away from your office.
Competencies and prerequisites
The participants must have their own copy of the ISO/IEC 27001 standard in English (not included in price), a broadband Internet connection, and a computer with a headset or loudspeakers and microphone (in some countries access through a telephone line is also available – in such a case headset/loudspeakers/microphone are not required). Prior general knowledge of information security is recommended.
In order to receive the Certificate of Completion, the attendees must read E-learning tutorials (as pre-course work), attend the training throughout its duration, and participate in workshops.
Trainer: Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has long working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
Complete Webinar Schedule:
February 2, February 14 - ISO 27001 Foundations Part 1: ISMS Planning Phase, Documentation and Records Control
February 15, February 21 - ISO 27001 Foundations Part 2: Implementation, Monitoring and Reviewing, Maintaining and Improving the ISMS
FREE WEBINAR - February 16 - ISO 27001 & BS 25999-2: Why is It Better to Implement Them Together?
February 16, February 22 - Internal Audit: How to Conduct it According to ISO 27001 and BS 25999-2
February 16, February 23 - ISO 27001 Lead Auditor Course Preparation Training
February 17, February 23 - BS 25999-2 Foundations Part 1: Business Impact Analysis
February 22, March 7 - ISO 27001 Foundations Part 3: Annex A Overview
FREE WEBINAR - February 23 - ISO 27001: An Overview of ISMS Implementation Process
February 24, March 9 - BS 25999-2 Foundations Part 2: Business Continuity Strategy
March 8, March 21 - Risk Management Part 1: Risk Assessment Methodology and Risk Assessment Process
FREE WEBINAR - March 9 - BS 25999-2: An Overview of BCM Implementation Process
March 9, March 22 - How to Become ISO 27001 / BS 25999-2 Consultant
March 10, March 23 - BS 25999-2 Foundations Part 3: Business Continuity Planning
FREE WEBINAR - March 23 - ISO 27001 Implementation: How to Make It Easier Using ISO 9001
March 24, April 18 - How to Write Four Mandatory Procedures for ISO 27001 and BS 25999-2
April 5, April 19 - ISO 27001 A.6 & A.8: Organization of Information Security; External Parties; Raising Awareness, Training and HR Management
FREE WEBINAR - April 6 - ISO 27001/BS 25999-2: The Certification Process
April 6, April 19 - ISO 27001 A.7: Asset Management and Classification