Workshop

05. Practical Guidance for ISO/IEC 27001 (ISMS)
Trainer: Dr. Haryatno (ID)
Date: TBA
Duration: 1 Day
Price: Rp. 2.800.000,-
Requirement: Participants are required to bring their own laptops

 

Overview

Due to the accessibility of information technology, companies are forced to pay attention to the security of their assets. One of the most important trends is the fading of perimeters. Where companies used to have only an internal network, the internet pushed aside this "secure" way of doing business.

Apart from the interconnection of the different branches, third parties like suppliers and service providers also get access to the corporate network. The use of defense tools and the necessity for a good security strategy become more and more obvious.

As in a building, the fundamentals on which this security policy is created are of utmost importance. If those do not satisfy the norm, one can never achieve stable and robust security. The fundamentals for creating a security strategy are the Security Policies. Those policies are the guideline for the whole process, from the introduction of security to the deployment of an Information Security Management System (ISMS).

This course gives a good overview of the different steps that have to be undertaken to achieve a robust implementation of an ISMS related to the ISO/IEC 27001:2005 standard. Whether aiming for certification or using the standard as a guide, the course provides an in-depth analysis of the standard in a comprehensive and practical style.


Course Outline

  1. General introduction to security
    1. What is information security?
    2. Why security?
    3. What are the benefits?
    4. Plan-Do-Check-Action model
  2. ISO/IEC 27001 requirements
    1. Security policies and objectives
    2. ISMS framework
    3. Risk assessment methodology
    4. Documentation requirements
    5. Management responsibility
    6. Resource management
    7. Internal ISMS audit
    8. Management review of ISMS
    9. ISMS improvement
  3. Development of an ISMS
    1. Identification of assets
    2. Vulnerabilities and threats
    3. Risk analysis and control objectives
    4. Creation of documents
    5. Statement of applicability
    6. Documentation of the ISMS
  4. Implementing steps of the ISMS
    1. Implement the selected controls
    2. Measuring the effectiveness of controls
    3. Monitor and review the ISMS
    4. Maintain and improve the ISMS
    5. Awareness and training
    6. Measuring compliance with ISO/IEC 27001
  5. Case study


About the tutor

TBA

For questions regarding event registration, please call +62-21-570-5800 (Ms. Astri). For general questions, please email bcs2006@bellua.com or send an empty message to bcs-announce-subscribe@bellua.com to receive future event information.



This document is available at PT BELLUA ASIA PACIFIC's website and protected by the copyright laws of the Republic of Indonesia and International treaties. All use subject to "DISCLAIMER" set forth at /disclaimer/