ISO 27001 Lead Implementer Certification
Mastering the implementation and management of an Information Security Management System (ISMS) based on ISO 27001:2013.
This four-day intensive course enables participants to develop the necessary experience to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO 27001:2013.
Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of the ISO 27002 standard.
For more information, please visit PECB.
Learning objectives:
- Acknowledge the correlation between ISO 27001, ISO 27002 and other standards and regulatory frameworks;
- Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS;
- Learn how to interpret the ISO 27001 requirements in the specific context of an organization;
- Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS;
- Acquire the expertise to advise an organization in implementing Information Security Management System best practices.
Who should attend?
- Managers or consultants involved in Information Security Management;
- Expert advisors seeking to master the implementation of an Information Security Management System;
- Individuals responsible for maintaining conformance with ISMS requirements;
- ISMS team members.
- Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001; initiating an ISMS:
  - Introduction to management systems and the process approach;
  - Presentation of the standards ISO 27001, ISO 27002 and ISO 27003 and regulatory framework;
  - Fundamental principles of Information Security;
  - Preliminary analysis and establishment of the maturity level of an existing information security management system based on ISO 21827;
  - Writing a business case and a project plan for the implementation of an ISMS.
- Day 2: Planning the implementation of an ISMS based on ISO 27001:
  - Defining the scope of an ISMS;
  - Development of an ISMS and information security policies;
  - Selection of the approach and methodology for risk assessment;
  - Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO 27005);
  - Drafting the Statement of Applicability.
- Day 3: Implementing an ISMS based on ISO 27001:
  - Implementation of a document management framework;
  - Design of controls and writing procedures;
  - Implementation of controls;
  - Development of a training & awareness program and communicating about information security;
  - Incident management (based on guidance from ISO 27035);
  - Operations management of an ISMS.
- Day 4: Controlling, monitoring, measuring and improving an ISMS; certification audit of the ISMS:
  - Controlling and monitoring the ISMS;
  - Development of metrics, performance indicators and dashboards in accordance with ISO 27004;
  - ISO 27001 internal audit;
  - Management review of an ISMS;
  - Implementation of a continual improvement program;
  - Preparing for an ISO 27001 certification audit.
This training is based on both theory and practice:
- Sessions of lectures illustrated with examples based on real cases;
- Practical exercises based on a full case study including role playing and oral presentations;
- Review exercises to assist the exam preparation;
- Practice test similar to the certification exam.
To benefit from the practical exercises, the number of training participants is limited.
- The “PECB Certified ISO 27001 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
  - Domain 1: Fundamental principles and concepts of information security
  - Domain 2: Information security control best practice based on ISO 27002
  - Domain 3: Planning an ISMS based on ISO 27001
  - Domain 4: Implementing an ISMS based on ISO 27001
  - Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
  - Domain 6: Continual improvement of an ISMS based on ISO 27001
  - Domain 7: Preparing for an ISMS certification audit
- The “PECB Certified ISO 27001 Lead Implementer” exam is available in different languages (trainers are fluent in English, French & Spanish);
- The exam is available online; please refer to the PECB Exams User Manual;
- Duration: 3 hours;
- For more information about the PECB Certified ISO 27001 exam and certification, refer to ISO 27001 Lead Implementer Exam & Certification.
«The course taught by Henri was complete. He provided good real-world examples that complemented the course, and took the extra time to respond to all our questions.»
«A brilliant overview and good instructor.»
«Fantastic trainer, interesting material, 10/10 would certify again.»
«Thorough walk-through of ISO 27001 enabling me to be on very safe ground, working to advise on information security framework including risk assessments.»
«I strongly recommend this training to any employee with a connection to information security within an organization, as it gives a better understanding of one's working environment, as well as of the expectations when working in such an environment.»
«This training enabled me to acquire knowledge essential to my work. I appreciated the open format, which allowed for discussion and questions. Henri Haenni's experience in this training was a real advantage.»
«Concrete and pragmatic examples from the trainer and the participants. Very useful and interesting.»
«Informative course, good materials, well presented. Ready for application.»
«Excellent course, to really understand what the most important areas are to focus on for successful ISO 27000 certification.»
«Henri and Alexis conducted a focused, intensive four-day ISO/IEC 27001 Lead Implementer Course of immediate relevance to The Global Fund. Participants representing both IT and Risk are now better prepared to design and operationalise a corporate ISMS.»
«Training is very useful & will provide insight to ISMS. Trainers are very qualified & have vast experience.»
«I had a great time at Abilene Academy, both trainers were very interesting people not stingy on funny stories and anecdotes.»
«I found this training to be very useful and extremely interesting. I appreciate the high-level engagement from both instructors to make the presented topics as tangible as they can get. The course material was structured very well, making it easy to follow up on the different topics. Last but not least, the training featured several interesting exercises as we were progressing through the material.»