Certified ISO 27001 Implementation Practitioner (CIIP)

This three-day practical ISO 27001 training course is for people who want to understand the component parts of the ISO Standard with a view to setting up an implementation project. You will learn how to define and risk-assess your organisation’s information assets, and prepare for the essential requirements needed to obtain ISO 27001 certification.

How will I benefit?

With this course, you will:

  • Gain an in-depth understanding of information security and how it applies to your organisation
  • Learn how to define information assets in a way that’s suitable for your organisation and how to undertake a risk assessment
  • Gain confidence that certification is within reach and obtain guidance on applying for certification

Learning Objectives

This course covers all the key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS). This allows you to gain confidence that certification is within reach and an in-depth understanding of information security and how it applies to you and your organisation. The course is designed to involve delegate participation, using a mix of formal training and practical exercises, based primarily on a detailed case study.

THE SKILLS YOU WILL LEARN

  • An understanding of the key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS)
  • What an ISMS is and how to define information security policies for your organisation
  • Gain the skills needed to identify information assets and undertake a risk assessment, and effective techniques for managing risk
  • Learn how to treat implementation as a project and the common pitfalls
  • Gain an overview of the ISO 27001 Annex A controls

Pre-Requisites

This course is suitable for non-technical staff and no prior knowledge is required.

Course Content

1. Identifying information assets

a. What are information assets?

b. Creating an asset classification system

2. Risk Assessment

a. The definition of risk under ISO 27001:2013

b. The revised options for risk assessments under the standard

c. How to carry out an information security risk assessment - identifying asset values, threats and vulnerabilities

d. Creating a usable and simple risk methodology

e. Selecting and using risk assessment tools

f. Results and conclusions resulting from an assessment

3. Risk Management

a. Risk measurement

b. Risk reduction and acceptance techniques

c. ISO 27001 control objectives and controls

d. Measuring the effectiveness of controls and mapping them to Annex A

e. The application of countermeasures

f. Additional controls not in ISO 27001

g. Preparing a Statement of Applicability – what to include and/or exclude

h. The need to review and audit the ISMS

4. Auditing

a. What does auditing achieve?

b. How to prepare for the audit

c. How should auditing be conducted?

d. Different types of audit

e. The phase 1 and 2 ISO 27001 audits

f. Certification – what is next?

5. Comparing the Old (27001:2005) with the New (27001:2013)

Exams & Certification

What qualification will I receive?

Delegates who pass the exam at the end of the course will be awarded 7Safe’s Certified ISO Implementation Practitioner (CIIP) qualification.
