Who should attend?

• Individuals interested in Information Security Management
• Individuals seeking to gain knowledge about the main processes of Information Security Management Systems

Learning objectives

Prerequisites

Why should you attend?

Who should attend?

• Individuals involved in Information Security Management 
• Individuals seeking to gain knowledge about the main processes of Information Security Management Systems (ISMS)
• Individuals interested to pursue a career in Information Security Management

Learning objectives

• Describe the main information security management concepts, principles, and definitions
• Explain the main ISO/IEC 27001 requirements for an information security management system (ISMS)
• Identify approaches, methods, and techniques used for the implementation and management of an ISMS

Educational approach

• Lecture sessions are illustrated with practical questions and examples
• Practical exercises include examples and discussions
• Practice tests are similar to the Certificate Exam

None

Why Should You Attend?

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.

This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

• Project managers and consultants involved in and concerned with the implementation of an ISMS 
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises. 
• The exercises are based on a case study. 
• The structure of the quizzes is similar to that of the certification exam.

The main requirement for participating in this training course is having a general knowledge of the ISMS concepts and ISO/IEC 27001.

 Who should attend?

• Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master an Information Security Management System audit process
• Individuals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts seeking to prepare for an Information Security Management System audit 
• Expert advisors in Information Security Management

Learning objectives

By the end of this training course, the participants will be able to:

1. Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
3. Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
4. Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
5. Manage an ISO/IEC 27001 audit program

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

ISO/IEC 27001 Lead Auditor 

The ISO/IEC 27001 Transition training course enables participants to thoroughly understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. In addition, participants will acquire knowledge on the new concepts presented by ISO/IEC 27001:2022. 

Why should you attend?

The new version of ISO/IEC 27001 has been recently published and is now aligned with the new version of ISO/IEC 27002, which was published in February, 2022. The major changes between ISO/IEC 27001:2022 and ISO/IEC 27001:2013 are noticed in the information security controls of Annex A, whereas a few other minor changes are present in the clauses of the standard too. Furthermore, the title of ISO/IEC 27001:2022 differs from the title of ISO/IEC 27001:2013, as now the standard is titled Information security, cybersecurity and privacy protection — Information security management systems — Requirements.  

The “PECB ISO/IEC 27001 Transition” training course provides detailed information on the revised clauses, the new terminology, and the differences in the controls of Annex A. Additionally, this training course provides participants with the necessary knowledge to support organizations in planning and implementing the changes in their ISMS to ensure conformity with ISO/IEC 27001:2022. As such, you will be able to participate in projects to transition from an ISMS based on ISO/IEC 27001:2013 to an ISMS based on ISO/IEC 27001:2022. 

Once you become acquainted with the new concepts and requirements of ISO/IEC 27001:2022 by attending the training course, you can sit for the exam, and if you successfully pass it, you can apply for the “PECB Certified ISO/IEC 27001 Transition” credential. This certificate will prove that you have up-to-date knowledge and professional capabilities to successfully update an ISMS based on the requirements of ISO/IEC 27001:2022. 

Who should attend?

This training course is intended for:

• Individuals seeking to remain up-to-date with ISO/IEC 27001 requirements for an ISMS 
• Individuals seeking to understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022 requirements
• Individuals responsible for transitioning an ISMS from ISO/IEC 27001:2013 to ISO/IEC 27001:2022 
• Managers, trainers, and consultants involved in maintaining an ISMS
• Professionals wishing to update their ISO/IEC 27001 certificates

Learning objectives

Upon successfully completing the training course, participants will be able to:

• Explain the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022
• Interpret the new concepts and requirements of ISO/IEC 27001:2022
• Plan and implement the necessary changes to an existing ISMS in accordance with ISO/IEC 27001:2022

Educational approach

• This training course is based on theory, and best practices used in the process of transitioning an ISMS from ISO/IEC 27001:2013 to ISO/IEC 27001:2022
• Lecture sessions are illustrated with quizzes
• Quizzes have a similar structure to the certification exam

Prerequisites

Participants who attend this training course need to have a fundamental understanding of information security concepts and ISO/IEC 27001 requirements.