Understanding the Requirements of ISO/IEC 27001:2022 for Information Security Management Systems

Register for courses 60 days in advance and get 10% off this price.

Register for courses 30 days in advance and get 5% off this price.

Note: Pricing is dependent on location and may vary.

Course Duration: 1 Day - 8 Hours/day

This 1.5 day course has been developed to cover all requirements of the ISO/IEC 27001:2022 standard. The course includes definitions from ISO/IEC 27000:2018 (Information Security Management Systems – Overview and Vocabulary) and guidance from ISO/IEC 27003:2017 (Information Security Management System Implementation and Guidance). Group exercises and case studies will be used to develop the required skills.

Learning Objectives

· Understand the application of Information Security Management principles in the context of ISO/IEC 27001:2022.

· Relate the Information Security Management system to the organizational products, services, activities and operational processes.

· Relate the organization’s context and interested party needs and expectations to the planning and implementation of an organization’s Information Security Management system.

Day One

· Fundamentals of Information Security Management Systems (ISMS)

o Information Security

o What is an Information Security Management System (ISMS)?

o The ISO/IEC 27000 Fundamentals and Vocabulary

o The ISO/IEC 27001 ISMS Described

· ISO/IEC 27001:2022 Requirements Descriptions

o ISO/IEC 27001:2022 Clauses

o Annex A

o The Process Approach

· Risk-based Thinking

o ISMS Risks

o ISMS Risk Assessment

o ISMS Risk Treatment

· ISO/IEC 27001 Clause 4 – Context of the Organization

o Group Exercise 1: Context of the Organization

Day Two

· ISO/IEC 27001 Clause 5 – Leadership

· ISO/IEC 27001 Clause 6 – Planning

o Group Exercise 2: Assessing and Evaluating Risk

o Group Exercise 3: Audit Scenarios

· ISO/IEC 27001 Clause 7 – Support

· ISO/IEC 27001 Clause 8 – Operation

o Group Exercise 4: Audit Scenarios

· ISO/IEC 27001 Clause 9 – Performance Evaluation

· ISO/IEC 27001 Clause 10 – Improvement

· ISO/IEC 27001 Annex A

o Group Exercise 5: Audit Scenarios

· Understanding ISMS Final Exam

This seminar is designed for Information Security Assurance Managers, ISO/IEC 27001:2022 Implementation and/or Transition Team Members, Management Representatives, and all others who would like to develop competency in ISO/IEC 27001:2022.

Each participant will receive a seminar manual and a group workbook that includes practice in applying the requirements.

An understanding of the ISO/IEC 27001:2022 requirements and/or work experience in applying ISO/IEC 27001:2022 is recommended.
