PPT: ISO/IEC 27001 (ISMS) Awareness Training Presentation

File Type:

Aspect Ratio: 4:3 Standard Screen

File Size: 6.6 MB

Number of Slides: 77

Training Presentation/Powerpoint:

ISO/IEC 27001:2013 (ISMS) Awareness Training

Description

Ransomware attacks are on the rise globally, and the impacts are devastating to organizations as well as the customers they serve. However, these risks can be mitigated by putting in place a robust information security management system.

ISO/IEC 27001:2013 is an international standard designed and formulated to help create a robust Information Security Management System (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure.

This briefing material is designed for organizations that are embarking on ISO/IEC 27001:2013 implementation and need to create awareness of information security among their employees.

Note: This training package includes:

1. ISO/IEC 27001:2013 training presentation (PowerPoint format)

2. Risk Assessment template (Excel format)

Learning Objectives

  1. Provide background knowledge on information security

  2. Gain an overview of ISO/IEC 27001 standard

  3. Gather useful tips on handling information security matters

Contents

1. What is Information?

  • What is information?

  • Why is information an asset?

  • Information exists in many forms

  • Information can be...

2. What is Information Security?

  • What is information security?

  • Why is information security important?

  • Components of information security

  • What are the impacts of information incidents?

3. Overview of ISO/IEC 27001 Standard

  • About ISO

  • What is a management system?

  • History of ISO/IEC 27001

  • What is ISO/IEC 27001?

  • Purpose of ISO/IEC 27001

  • Benefits of adopting ISO/IEC 27001 standard

4. ISO/IEC 27001 Structure

  • Annex L - Implications

  • Overview of Annex L

  • The ISO/IEC 27001 structure is aligned to the common structure for MSS

  • ISO/IEC 27001 is based on the Plan-Do-Check-Act (PDCA) approach

  • PDCA and ISO/IEC 27001 clause structure

  • ISO/IEC 27001 clause structure (4-10)

  • ISO/IEC 27001:2013 key elements

  • ISO/IEC 27001 is a global standard on ISMS

  • ISO/IEC 27001:2013 defines 14 control areas

  • Purpose of each of the 14 sections from Annex A

5. ISO/IEC 27001 Implementation Checklist

  • ISO/IEC 27001 implementation checklist

  • ISO/IEC 27001 certification process

  • Audit findings

6. Your Security Responsibilities

  • Who is responsible?

  • Classification of information asset - Example

  • Physical security

  • Password guidelines

  • Internet usage

  • Email usage

  • Other information security matters

  • Information security is everybody's job

You may also be interested in the following Management Systems Standards (sold separately):

  1. ISO 9001:2015 (QMS) Awareness Training

  2. ISO 13485:2016 (Medical Devices - QMS) Awareness Training

  3. ISO 14001:2015 (EMS) Awareness Training

  4. ISO 19011:2018 Auditing Management Systems Training

  5. ISO/IEC 20000-1:2018 (SMS) Awareness Training

  6. ISO 20121:2012 (ESMS) Awareness Training

  7. ISO 22000:2018 (FSMS) Awareness Training

  8. ISO 22301:2019 (BCMS) Awareness Training

  9. ISO 26000:2010 (Social Responsibility) Awareness Training

  10. ISO/IEC 27001:2013 (ISMS) Awareness Training

  11. ISO 31000:2018 (Risk Management) Awareness Training

  12. ISO 37001:2016 (ABMS) Awareness Training

  13. ISO 41001:2018 (FM) Awareness Training

  14. ISO 45001:2018 (OH&S) Awareness Training

  15. ISO 50001:2018 (EnMS) Awareness Training

  16. ISO 55001:2014 (Asset Management) Awareness Training

  17. Managing ISO Certification Audits

  18. Managing Supplier Quality Audits