This three-day ISO27001:2013 Information Security Foundation course overviews the recently revised version of 2013. ISO/IEC 27001:2013 builds upon established foundations as the most widely recognized international standard specifically aimed at information security management. The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organizations electronic and physical information resources.
ISO/IEC 27001:2013 is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls. It enables organizations to demonstrate excellence and prove best practices in Information Security management. Conformance with the standard requires a commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders, and customers alike.
ISO/IEC 27001:2013 is the formal specification and defines the requirements for an ISMS, which includes:
- ISMS planning, support and operational requirements
- Leadership responsibilities
- Performance evaluation of the ISMS
- Internal ISMS audits
- ISMS improvement
- Control objectives and controls