Certified ISO 27001 Implementation Practitioner - Implementing ISO 27001 (IISP)

On this three-day practical ISO 27001 course, delegates learn the component parts of the standard, how to manage information security, how the individual components of the process fit together, how to treat implementation as a project, the common pitfalls, how to define and risk-assess information assets in a way suited to their organisation, and the essential requirements for obtaining ISO 27001 certification.

The course is designed around delegate participation, with many exercises of differing styles based primarily on a detailed case study. Styles include lectures, discussions, individual exercises, group exercises and role-play.


Learning Objectives

What you will learn

• The component parts of the Standard
• How to manage information security
• How the individual components of the process fit together
• How to treat implementation as a project
• Common pitfalls
• How to define and risk-assess "information assets"

Course Content

Course content highlights

• Why do you need certification to ISO 27001?

• What the Information Security Management System (ISMS) is and what it is trying to achieve

Confidentiality, integrity, availability and audit

• Overview of the stages of the ISMS

• Defining an Information Security Policy

• Defining the scope of the ISMS

Identifying information assets

• What are information assets?

• Creating an asset classification system

Undertaking a risk assessment

• Identifying asset values, threats and vulnerabilities

• Creating a usable and simple risk methodology

• Using risk tools

• Practical exercise – undertaking a risk assessment

• Results and conclusions resulting from an assessment

Managing risk

• Risk measurement

• Risk reduction and acceptance techniques

• Practical exercise - determining control objectives

• Selecting control objectives and controls

• Security in depth

• ISO 27001 control objectives and controls

• The application of countermeasures

• Practical exercise – creating a workable countermeasure

• Additional controls not in ISO 27001

• Preparing a Statement of Applicability (SoA)

• The need to review and audit the ISMS

• What does auditing achieve?

• How should auditing be conducted?

• Different types of audit

• The Stage 1 and Stage 2 ISO 27001 certification audits

• Certification – what is next?

Exams & Certification

Delegates who pass the exam held at the end of the training course will be awarded the Certified ISO 27001 Implementation Practitioner (CIIP) qualification.