File Type: PowerPoint (pptx); 4:3 Aspect Ratio

 

File Size: 6.6 MB

 

Number of Slides: 77

 

Terms of Usage

Training Presentation/Powerpoint:

ISO/IEC 27001:2013 (ISMS) Awareness Training

 

Description

 

ISO/IEC 27001:2013 is an international standard designed and formulated to help create a robust Information Security Management System (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure. 

 

This briefing material is designed for organizations who are embarking on ISO/IEC 27001:2013 implementation and need to create awareness of information security among its employees. This presentation comes with a free Risk Assessment template (Excel format). 

 

Learning Objectives

  1. Provide background knowledge on information security

  2. Gain an overview of ISO/IEC 27001 standard

  3. Gather useful tips on handling information security matters

 

 

Contents​ 

 

1. What is Information?

  • What is information?​

  • Why is information an asset?

  • Information exists in many forms

  • Information can be...

2. What is Information Security?

  • What is information security?

  • Why is information security important?

  • Components of information security

  • What are the impacts of information incidents?

3. Overview of ISO/IEC 27001 Standard

  • About ISO

  • What is a management system?

  • History of ISO/IEC 27001

  • What is ISO/IEC 27001?

  • Purpose of ISO/IEC 27001

  • Benefits of adopting ISO/IEC 27001 standard

4. ISO/IEC 27001 Structure

  • Annex L - Implications

  • Overview of Annex L

  • The ISO/IEC 27001 structure is aligned to the common structure for MSS

  • ISO/IEC 27001 is based on the Plan-Do-Check-Act (PDCA) approach

  • PDCA and ISO/IEC 27001 clause structure

  • ISO/IEC 27001 clause structure (4-10)

  • ISO/IEC 27001:2013 key elements

  • ISO/IEC 27001 is a global standard on ISMS

  • ISO/IEC 27001:2013 defines 14 control areas

  • Purpose of each of the 14 sections from Annex A

5. ISO/IEC 27001 Implementation Checklist

  • ISO/IEC 27001 implementation checklist

  • ISO/IEC 27001 certification process

  • Audit findings

6. Your Security Responsibilities

  • Who is responsible?

  • Classification of information asset - Example

  • Physical security

  • Password guidelines

  • Internet usage

  • Email usage

  • Other information security matters

  • Information security is everybody's job

You may also be interested in the following Management Systems Standards (sold separately):

  1. ISO 19011:2018 Auditing Management Systems Training

  2. ISO 9001:2015 (QMS) Awareness Training

  3. ISO 14001:2015 (EMS) Awareness Training

  4. ISO 45001:2018 (OH&S) Awareness Training

  5. ISO 41001:2018 (FM) Awareness Training

  6. ISO 37001:2016 (ABMS) Awareness Training

  7. ISO 22000:2018 (FSMS) Awareness Training

  8. ISO 50001:2018 (EnMS) Awareness Training

  9. ISO 22301:2019 (BCMS) Awareness Training

  10. ISO 26000:2010 (Social Responsibility) Awareness Training

  11. ISO 55001:2014 (Asset Management) Awareness Training

  12. ISO 31000:2018 (Risk Management) Awareness Training