

File Type: PowerPoint (pptx)
Aspect Ratio: 4:3 Standard Screen
File Size: 6.6 MB
Number of Slides: 77
Training Presentation/Powerpoint:
ISO/IEC 27001:2013 (ISMS) Awareness Training
Description
ISO/IEC 27001:2013 is an international standard designed and formulated to help create a robust Information Security Management System (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure.
This briefing material is designed for organizations that are embarking on ISO/IEC 27001:2013 implementation and need to create awareness of information security among their employees.
Note: This training package includes:
1. ISO/IEC 27001:2013 training presentation (PowerPoint format)
2. Risk Assessment template (Excel format)
Learning Objectives
- Provide background knowledge on information security
- Gain an overview of ISO/IEC 27001 standard
- Gather useful tips on handling information security matters
Contents
1. What is Information?
- What is information?
- Why is information an asset?
- Information exists in many forms
- Information can be...
2. What is Information Security?
- What is information security?
- Why is information security important?
- Components of information security
- What are the impacts of information incidents?
3. Overview of ISO/IEC 27001 Standard
- About ISO
- What is a management system?
- History of ISO/IEC 27001
- What is ISO/IEC 27001?
- Purpose of ISO/IEC 27001
- Benefits of adopting ISO/IEC 27001 standard
4. ISO/IEC 27001 Structure
- Annex L - Implications
- Overview of Annex L
- The ISO/IEC 27001 structure is aligned to the common structure for MSS
- ISO/IEC 27001 is based on the Plan-Do-Check-Act (PDCA) approach
- PDCA and ISO/IEC 27001 clause structure
- ISO/IEC 27001 clause structure (4-10)
- ISO/IEC 27001:2013 key elements
- ISO/IEC 27001 is a global standard on ISMS
- ISO/IEC 27001:2013 defines 14 control areas
- Purpose of each of the 14 sections from Annex A
5. ISO/IEC 27001 Implementation Checklist
- ISO/IEC 27001 implementation checklist
- ISO/IEC 27001 certification process
- Audit findings
6. Your Security Responsibilities
- Who is responsible?
- Classification of information asset - Example
- Physical security
- Password guidelines
- Internet usage
- Email usage
- Other information security matters
- Information security is everybody's job