Course Outline:

Most organisations now rely on information systems to support all of their critical business processes. This dependency has led to an evolving risk from electronic security threats such as hacking, data loss, breach of confidentiality and even terrorism. These increasingly sophisticated attacks can come from individuals, private organisations or even clandestine foreign intelligence agencies. When these attacks result in loss of information, theft of confidential data or damage to critical systems and documents, organisation can suffer severe consequences including financial repercussions and reputational risk.

Apart from the course content of foundation level, following topics shall also be covered in the Lead Implementer training

• ISO/IEC 27001 requirements along with implementation guidelines.
• Understanding the guidelines of ISO/IEC 27003 for Company’s ISMS policy
• Framing scope statement
• Setting information security objectives and action plan for objectives
• Documentation requirements
• Design of controls and writing procedures
• Risk management according to ISO/IEC 31000:2018Risk assessment, Risk analysis and risk treatment
• Incident management & Business continuity management
• Conducting internal audits and management review meeting.
• Continual improvement of ISMS through corrective action and analysis.
• Preparing for the ISO/IEC 27001:2013 audit

Benefit:

• Your acquired knowledge and familiarity with ISO/IEC 27001 and ISO/IEC 27000 series during the training helps you and your organization in implementing an effective information security management system (ISMS).
• An ISMS is based on the security awareness of the personnel, strong and stable processes and safe and secure IT systems and technologies.
• You understand the phases of an audit and are able to assess the importance of actions to aid in continual improvement process in your IT organization.

Who Should Attend?

• Professionals who have a role in implementation and auditing ISMS.

• Information Security Management Representatives and core group members responsible for establishing, implementing, maintaining, auditing and improving ISMS.
• Managers from organizations willing to implement, maintain and improve upon their ISMS as per ISO 27001:2013.
• Management system consultants.

Exam Information:

Certified Lead Implementer in ISMS

• Total marks: 100
• Sections: Two sections namely part A & part B. Both sections are to be attempted.
• Duration of the exam: 120 minutes (2 hours)
• Passing criteria: 70%

Part A – MCQ

• Multiple choice based questions
• Total 40 questions in part A
• Total Marks of part A: 40
• Each question is of one mark

Part B – Subjective

No. of case studies: 3 (three). There will be minimum 5 questions per case study which needs to be responded

Marks of each case study: 20

Total marks of part B: 60

This is open book exam. Only ISMS standard is copy and course notes from the participant handout are permissible.

Certification:

TUV SOD’s certified ISMS Lead Implementer based on ISO/IEC 27001