top of page
ISMS 2022 cover.png
American Express
pptx icon.png

File Type:

Aspect Ratio: 


File Size: 17.1 MB


Number of Slides: 78


Terms of Usage

Training Presentation/Powerpoint:

ISO/IEC 27001:2022 (ISMS) Awareness Training




Ransomware attacks have become a global menace, with devastating effects on both organizations and their customers. According to the Allianz Risk Barometer, ransomware is the top cyber exposure concern for organizations in 2022. Businesses, especially those holding sensitive and valuable information, must provide appropriate protection to avoid operational, financial, and legal consequences, including business failure.

However, most organizations struggle to identify all the risks they face and manage them in a cost-effective and sustainable manner. To address this challenge, the internationally recognized standard for Information Security Management Systems (ISMS), ISO/IEC 27001:2022, provides a systematic approach to managing sensitive information to ensure its security. This new standard replaces the old ISO/IEC 27001:2013 and offers a robust framework that can be adapted to all types and sizes of organizations.

Organizations with significant information security risks are increasingly implementing an ISMS that complies with ISO/IEC 27001. By applying a risk management process, the ISMS standard preserves the confidentiality, integrity, and availability of information while giving confidence to interested parties that risks are adequately managed.

To assist organizations embarking on ISO/IEC 27001:2022 implementation or transitioning to the new standard, this ISO/IEC 27001:2022 (ISMS) awareness PPT presentation is designed to create awareness of information security among their employees.

Note: This training package includes:

1. ISO/IEC 27001:2022 (ISMS) PPT training presentation (PowerPoint format, in new 16:9 widescreen)

2. Risk Assessment template (Excel format)

3. ISO/IEC 27001:2022 (ISMS) Awareness poster (PDF format, in color and monochrome, printable in A3/A4 size)


Learning Objectives

  1. ​​Acquire knowledge on the fundamentals of information security

  2. Describe the ISO/IEC 27001 structure

  3. Understand the ISO/IEC 27001 implementation and certification process

  4. Gather useful tips on handling an audit session





1. Fundamentals of Information Security

  • What Is Information?​

  • Why Is Information An Asset?

  • Information Exists In Many Forms

  • Information Can Be...

  • Definition Of Information Security

  • Three Principles Of Information Security (CIA Triad)

  • Information Security Strategies & Approaches

  • Why Is Information Security Important?

  • What Are The Impacts Of Security Incidents?

  • About ISO

  • ISO Standards Contribute Directly To The U.N. Sustainable Development Goals (SDGs)

  • What Are Standards?

  • What Standards Are Not

  • Why Are Standards Important?

  • What Is A Management System?

  • History Of ISO/IEC 27001

  • What Is ISO/IEC 27001?

  • ISO/IEC 27000 Series

  • What Is The Purpose Of ISO/IEC 27001?

  • ISO/IEC 27001:2022 - Main Changes In The Management System

  • Main Changes In Annex A Security Controls

  • What Are The New Security Controls?

  • Benefits Of Adopting ISO/IEC 27001 Standard

  • Advantages Of Certification

  • Plan-Do-Check-Act (PDCA) Process Model

  • ISO/IEC 27001:2022 Is Based On The PDCA Model

  • Emphasis On Process Approach

  • Risk-based Management

  • Benefits of the New ISO/IEC 27001:2022

2. ISO/IEC 27001 Structure

  • What Is Annex L?

  • Annex L Is A Framework For A Generic Management System

  • High-Level Structure

  • ISO/IEC 27001:2022 Is Based On The High-Level Structure For Management System Standards

  • High-Level Structure - The Same Core Elements

  • PDCA And The ISO/IEC 27001:2022 Clause Structure

  • ISO/IEC 27001:2022 Key Clause Structure (4-10)

    • Context of the Organization

    • Leadership

    • Planning

    • Support

    • Operation

    • Performance Evaluation

    • Improvement

  • The PDCA Cycle Is The Engine Of Continuous Improvement​

3. ISO/IEC 27001 Implementation, Certification & Audits

  • Becoming ISO/IEC 27001:2022 Certified

  • ISO/IEC 27001:2022 Implementation Phases

  • ISO/IEC 27001:2022 Certification Process

  • ISO/IEC 27001:2022 Certification Transition Timeline

  • What Does Certification Assure?

  • What Is An ISO Audit?

  • What Are Audits Used For?

  • Types Of Audits

  • Principles Of Auditing

  • Audit Findings

    • Minor Non-Conformity​

    • Major Non-Conformity

    • Observation

4. Handling An Audit Session

  • Rights Of Auditee

  • Rights Of Auditor

  • How To Handle An Audit Session?

  • Auditee's Conduct

  • Interacting With Auditors - Do's

  • Interacting With Auditors - Don'ts

  • Information Security Is Everybody's Job

You may also be interested in the following Management System Standards (sold separately):

  1. ISO 9001:2015 (QMS) Awareness Training

  2. ISO 13485:2016 (Medical Devices - QMS) Awareness Training

  3. ISO 14001:2015 (EMS) Awareness Training

  4. ISO 19011:2018 Auditing Management Systems Training

  5. ISO/IEC 20000-1:2018 (SMS) Awareness Training

  6. ISO 20400:2017 (Sustainable Procurement) Awareness Training

  7. ISO 22000:2018 (FSMS) Awareness Training

  8. ISO 22301:2019 (BCMS) Awareness Training

  9. ISO 26000:2010 (Social Responsibility) Awareness Training

  10. ISO/IEC 27001:2022 (ISMS) Awareness Training

  11. ISO 31000:2018 (Risk Management) Awareness Training

  12. ISO 37000:2021 (Governance of Organizations) Awareness Training

  13. ISO 37001:2016 (ABMS) Awareness Training

  14. ISO 37301:2021 (CMS) Awareness Training

  15. ISO 41001:2018 (FM) Awareness Training

  16. ISO 45001:2018 (OH&S) Awareness Training

  17. ISO 50001:2018 (EnMS) Awareness Training

  18. ISO 55001:2014 (Asset Management) Awareness Training



bottom of page