File Type: PowerPoint (PPTX)

Aspect Ratio: 16:9

 

File Size: 17.1 MB

 

Number of Slides: 78

 


Training Presentation/PowerPoint:

ISO/IEC 27001:2022 (ISMS) Awareness Training

 

Description

 

Globally, ransomware attacks are on the rise and the impacts are devastating to the organizations as well as the customers they serve. According to the Allianz Risk Barometer, ransomware ranks as the top cyber exposure of concern in 2022. 

 

Moreover, most businesses hold or have access to valuable or sensitive information. Failure to provide appropriate protection to such information can have serious operational, financial and legal consequences. In some instances, these can lead to a total business failure.

The challenge that most businesses struggle with is how to provide appropriate protection. In particular, how do they ensure that they have identified all the risks they are exposed to, and how can they manage them in a way that is proportionate, sustainable and cost-effective?

ISO/IEC 27001:2022 is the internationally recognised standard for Information Security Management Systems (ISMS). This new standard replaces the old ISO/IEC 27001:2013. An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It provides a robust framework to protect information that can be adapted to all types and sizes of organization. Organizations that have significant exposure to information security-related risks are increasingly choosing to implement an ISMS that complies with ISO/IEC 27001.

The ISMS standard preserves the Confidentiality, Integrity and Availability of information by applying a Risk Management process and gives confidence to interested parties that risks are adequately managed.

This ISO/IEC 27001:2022 (ISMS) awareness PPT presentation is designed for organizations that are embarking on ISO/IEC 27001:2022 implementation or are transitioning to the new standard and need to create awareness of information security among their employees.

Note: This training package includes:

1. ISO/IEC 27001:2022 (ISMS) PPT training presentation (PowerPoint format, in new 16:9 widescreen)

2. Risk Assessment template (Excel format)

3. ISO Certification Audit poster (PDF format, in color and monochrome, printable in A3 size)

 

Learning Objectives

  1. Acquire knowledge on the fundamentals of information security

  2. Describe the ISO/IEC 27001 structure

  3. Understand the ISO/IEC 27001 implementation and certification process

  4. Gather useful tips on handling an audit session

 

 

Contents

 

1. Fundamentals of Information Security

  • What Is Information?

  • Why Is Information An Asset?

  • Information Exists In Many Forms

  • Information Can Be...

  • Definition Of Information Security

  • Three Principles Of Information Security (CIA Triad)

  • Information Security Strategies & Approaches

  • Why Is Information Security Important?

  • What Are The Impacts Of Security Incidents?

  • About ISO

  • ISO Standards Contribute Directly To The U.N. Sustainable Development Goals (SDGs)

  • What Are Standards?

  • What Standards Are Not

  • Why Are Standards Important?

  • What Is A Management System?

  • History Of ISO/IEC 27001

  • What Is ISO/IEC 27001?

  • ISO/IEC 27000 Series

  • What Is The Purpose Of ISO/IEC 27001?

  • ISO/IEC 27001:2022 - Main Changes In The Management System

  • Main Changes In Annex A Security Controls

  • What Are The New Security Controls?

  • Benefits Of Adopting ISO/IEC 27001 Standard

  • Advantages Of Certification

  • Plan-Do-Check-Act (PDCA) Process Model

  • ISO/IEC 27001:2022 Is Based On The PDCA Model

  • Emphasis On Process Approach

  • Risk-based Management

  • Benefits of the New ISO/IEC 27001:2022

2. ISO/IEC 27001 Structure

  • What Is Annex L?

  • Annex L Is A Framework For A Generic Management System

  • High-Level Structure

  • ISO/IEC 27001:2022 Is Based On The High-Level Structure For Management System Standards

  • High-Level Structure - The Same Core Elements

  • PDCA And The ISO/IEC 27001:2022 Clause Structure

  • ISO/IEC 27001:2022 Key Clause Structure (4-10)

    • Context of the Organization

    • Leadership

    • Planning

    • Support

    • Operation

    • Performance Evaluation

    • Improvement

  • The PDCA Cycle Is The Engine Of Continuous Improvement

3. ISO/IEC 27001 Implementation, Certification & Audits

  • Becoming ISO/IEC 27001:2022 Certified

  • ISO/IEC 27001:2022 Implementation Phases

  • ISO/IEC 27001:2022 Certification Process

  • ISO/IEC 27001:2022 Certification Transition Timeline

  • What Does Certification Assure?

  • What Is An ISO Audit?

  • What Are Audits Used For?

  • Types Of Audits

  • Principles Of Auditing

  • Audit Findings

    • Minor Non-Conformity

    • Major Non-Conformity

    • Observation

4. Handling An Audit Session

  • Rights Of Auditee

  • Rights Of Auditor

  • How To Handle An Audit Session?

  • Auditee's Conduct

  • Interacting With Auditors - Do's

  • Interacting With Auditors - Don'ts

  • Information Security Is Everybody's Job

You may also be interested in the following Management System Standards (sold separately):

  1. ISO 9001:2015 (QMS) Awareness Training

  2. ISO 13485:2016 (Medical Devices - QMS) Awareness Training

  3. ISO 14001:2015 (EMS) Awareness Training

  4. ISO 19011:2018 Auditing Management Systems Training

  5. ISO/IEC 20000-1:2018 (SMS) Awareness Training

  6. ISO 20121:2012 (ESMS) Awareness Training

  7. ISO 20400:2017 (Sustainable Procurement) Awareness Training

  8. ISO 22000:2018 (FSMS) Awareness Training

  9. ISO 22301:2019 (BCMS) Awareness Training

  10. ISO 26000:2010 (Social Responsibility) Awareness Training

  11. ISO/IEC 27001:2022 (ISMS) Awareness Training

  12. ISO 31000:2018 (Risk Management) Awareness Training

  13. ISO 37001:2016 (ABMS) Awareness Training

  14. ISO 37301:2021 (CMS) Awareness Training

  15. ISO 41001:2018 (FM) Awareness Training

  16. ISO 45001:2018 (OH&S) Awareness Training

  17. ISO 50001:2018 (EnMS) Awareness Training

  18. ISO 55001:2014 (Asset Management) Awareness Training

 

 
