ISO/IEC 27001 Practitioner – Information Security Officer

Apresentação

O curso ISO/IEC 27001 Practitioner tem como tema principal a norma ISO 27001 – Segurança da Informação. A Segurança da Informação está relacionada com a protecção de todos os activos de informação e infra-estruturas de suporte (Tecnológico, humanos e financeiros), no sentido de preservar e rentabilizar o valor que possuem para a organização.

O curso inclui o respetivo exame de certificação. O exame será realizado na tarde do último dia do curso.

This ISO/IEC 27001 Practitioner course, prepares the participants to achieve a sufficient understanding of ISO/IEC 27001 and its application in a given situation. A successful Practitioner candidate should, with suitable direction be able to start applying the International Standard to enable the management of information security (depending on the real situations).

Destinatários

• Internal managers and personnel working to implement, maintain and operate an ISMS within an organization.
• External consultants supporting an organization’s implementation, maintenance and operation of an ISMS.
• Internal auditors who are required to have an applied knowledge of the standard.

Pré-Requisitos

Candidate must have passed the Foundaion Qualification

Objetivos

• Apply the principles of ISMS policy and its information security scope, objectives, and processes within an organizational  context.
•  Apply the principles of risk management including risk identification, analysis and evaluation and propose appropriate treatments and controls to reduce information security risk, support business objectives and improve information security.
• Analyze and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement.
• Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy and effectiveness of the ISMS.
• Understand, create, apply and evaluate the suitability, adequacy and effectiveness of documented information and records required by ISO/IEC 27001.
• Identify and apply appropriate corrective actions to maintain ISMS conformity with ISO/IEC 27001.

Programa

• Introduction and background
• Preparing for the ISMS
• Planning and Operating the ISMS
• Controls (part 1)
• Controls (part 2)