What you'll learn

Understand The Requirements Of ISO/IEC 27001, Its Clauses, And How Each One Actually Works In The Real World
Understand Information Security Controls And How They Can And Should Work In Any Organization
Understand Information Security Concepts And Principles From The Perspective Of ISO 27001
How To Conduct, Consult, And Participate In Information Security Audits
How You Can Demonstrate Leadership And Commitment In Relation To ISO 27001 And Your Organization’s ISMS
Gain An Exact Understanding Of All The Requirements For Information Security Controls According To The ISO/IEC 27001 Standard
How You Can Meaningfully Participate In The Implementation Of An Information Security Management Systems (ISMS) In A Variety Of Types And Sizes Of Organizations
Understand All Of The Requirements Necessary For An Organization To Successfully Obtain ISO/IEC 27001 Certification

Course content

4 sections • 28 lectures • 3h 51m total length

Welcome to the course!3:18

What is ISO/IEC 27001?4:41
Explore ISO/IEC 27001, the premier international standard for information security management systems and requirements, developed by ISO and IEC to protect information across organizations and sectors.
What is an ISMS?3:22
Benefits of the ISO/IEC 270016:02
ISO/IEC 27001: Clause 4: Context of the Organization12:38
ISO/IEC 27001: Clause 5.1: Leadership and Commitment24:58
ISO/IEC 27001: Clause 5.2: Policy4:41
Top management shapes the information security policy through collaboration, defining the company's scope, documenting standards, and assigning roles to staff and external parties for effective data protection.
ISO/IEC 27001: Clause 5.3: Organizational roles, responsibilities, & authorities1:36
ISO/IEC 27001: Clause 6: Planning14:28
ISO/IEC 27001: Clause 7: Support20:13
Clause 7 of ISO/IEC 27001 outlines providing resources, competence, awareness, and communication to support information security system. It emphasizes documented information, controls for managing records, and internal and external communications.
ISO/IEC 27001: Clause 8: Operation4:52
Explore ISO 27001 clause 8 operation, focusing on operational planning and control. Learn risk assessment and risk treatment to manage threats, incidents, and residual risk.
ISO/IEC 27001: Clause 9: Performance Evaluation5:58
ISO/IEC 27001: Clause 10: Improvement6:01
ISO 27001:2013 Audit and Certification1:03
Explore the ISO 27001:2013 audit and certification process, including external audits by accredited bodies, a three-year certification validity, internal audits for ongoing information security improvement, and annual evaluations after approval.

ISO 27001 Controls (Annex A): A.5 Information Security Policies2:20
ISO 27001 Controls (Annex A): A.6 Organization of Information Security7:34
ISO 27001 Controls (Annex A): A.7 Human Resource Security6:28
Explore ISO 27001 Annex A controls for human resource security, including pre-employment screening, clear employment terms, ongoing training, disciplinary processes, and post-employment data protection.
ISO 27001 Controls (Annex A): A.8 Asset Management12:19
ISO 27001 Controls (Annex A): A.9 Access Control15:37
Implement and audit ISO 27001 Annex A.9 access controls to restrict data access by role, verify identities, manage privileged rights, and enforce password standards.
ISO 27001 Controls (Annex A): A.10 Cryptography3:03
Explore ISO 27001 annex A.10 cryptography, detailing cryptographic controls and policy development to safeguard data confidentiality and integrity, and key lifecycle management from creation to destruction.
ISO 27001 Controls (Annex A): A.11 Physical and Environmental Security15:32
Explain how to safeguard company data and equipment through physical and environmental security controls, including entry controls, secure areas, protection from environmental threats, and asset handling.
ISO 27001 Controls (Annex A): A.12 Operations Security12:15
Learn ISO 27001 annex A.12 operations security, including documented procedures, change and capacity management, environment separation, malware protection, backups, logging, software control, vulnerability management, and audits.
ISO 27001 Controls (Annex A): A.13 Communications Security6:16
ISO 27001 Controls (Annex A): A.14 System Acquisition, Development & Maintenance10:51
ISO 27001 Controls (Annex A): A.15 Supplier Relationships5:38
Explore ISO 27001 Annex A.15 supplier relationships, detailing information security policies, risk assessment, supplier selection, and ongoing monitoring to protect assets and manage third-party risks.
ISO 27001 Controls (Annex A): A.16 Information Security Incident Management6:23
Explore ISO 27001 A.16 information security incident management, detailing detection, classification, treatment, logging, and reporting of incidents and weaknesses, plus learning from events to strengthen defenses.
ISO 27001 Controls (Annex A): A.17 Information Security of Business Continuity5:05
ISO 27001 Controls (Annex A): A.18 Compliance8:16

Requirements

A general understanding of information security is a useful background, however there are no specific prerequisites

Description

This course walks you through all of the clauses and key concepts of ISO/IEC 27001 including a complete analysis of Annex A and examples of Information Security Management Systems (ISMS) and exactly how they work in the real world, all of which are essential for understanding the ISO 27001 standard and certification.

INCLUDED AT THE END OF THE COURSE IS A FINAL TEST SO YOU CAN SEE EXACTLY WHERE YOU STAND WITH YOUR KNOWLEDGE AND EXPERTISE OF ISO/IEC 27001 CERTIFICATION

Information Security has never been more important than it is right now! Organizations and companies of all sizes and in a variety of fields are facing growing challenges in maintaining adequate security over their information.

This course is meant to be time efficient in that it covers all of the key points that you need to know to operate in any organization concerned about Information Security. It won't make you the foremost expert in the world, but it will give you all the knowledge and tools you need to work with an Information Security Management System (ISMS) and act with confidence and in compliance with this very important international standard.

You can use this nuts and bolts training to advance your professional career, as well as to contribute to your organization’s Information Security Management System (ISMS), at all stages, including implementation and auditing.

If you want to truly understand ISO/IEC 27001, as well as what a good Information Security Management System (ISMS) should look like, this is the course for you! Don’t miss out, invest in yourself and your career when you grab this training opportunity today!

Who this course is for:

Anyone Wanting To Advance Their Career By Improving Their Understanding Of Information Security
Anyone Involved In Implementing An ISMS
Anyone Who Is Preparing For Or Participating In An Information Security Audit
Information Security Auditors
Information Security Managers
Information Security Consultants
Information Security Officers
Network, System, And Web Administrators
Business Managers And Business Owners Concerned About Information Security
Employees Of Organization Who Have Implemented ISO27001

What you'll learn

Explore related topics

Course content

Introduction to ISO/IEC 270011 lecture • 3min

Understanding ISO/IEC 27001 and its Clauses13 lectures • 1hr 51min

ISO 27001 Controls (Annex A)14 lectures • 1hr 58min

ISO/IEC 27001: Final Evaluation0

Requirements

Description

Who this course is for: