Training & Certifications

This program is an international standard that provides the basis for effective management of confidential and sensitive information, and for the application of information security controls. It enables organizations to demonstrate excellence and prove best practice in Information Security management. Conformance with the standard requires commitment to continually improve control of confidential and sensitive information, providing reassurance to sponsors, shareholders and customers alike.

Re-released in 2013, ISO/IEC 27001 builds upon established foundations as the most widely recognized international standard specifically aimed at information security management. The adoption of an Information Security Management System (ISMS) is a strategic decision driving the coordination of operational security controls across all of the organizations electronic and physical information resources. The standard can be integrated with other management system framework standards, such as the quality standard ISO 9001 and ISO/IEC 20000 for IT service management.

ISO/IEC 27001 provides a model to establish, implement, maintain and continually improve a risk-managed ISMS. The design and implementation of the management system is tailored to the organization’s objectives, information assets, operational processes and governing legal and regulatory security requirements. The Practitioner level qualification assesses your application of ISO/IEC 27001 knowledge to given business scenarios, enabling the candidate to demonstrate more detailed knowledge and capability.

At the end of the program, the participants will be able to :

  1. Apply the principles of ISMS policy and its information security scope, objectives, and processes within an organizational context
  2. Apply the principles of risk management including risk identification, analysis, and evaluation, and propose appropriate treatments and controls to reduce information security risk, support business objectives, and improve information security
  3. Analyze and evaluate deployed risk treatments and controls to assess their effectiveness and opportunities for continual improvement
  4. Analyze and evaluate the effectiveness of the ISMS through the use of internal audit and management review to continually improve the suitability, adequacy, and effectiveness of the ISMS
  5. Understand, create, apply, and evaluate the suitability, adequacy, and effectiveness of documented information and records required by ISO/IEC 27001
  6. Understand, create, apply, and evaluate the suitability, adequacy, and effectiveness of documented information and records required by ISO/IEC 27001

This qualification is aimed at those who are:

  • Internal managers and personnel working to implement, maintain, and operate an ISMS within an organization
  • External consultants supporting an organization’s implementation, maintenance, and operation of an ISMS
  • Internal auditors who are required to have an applied knowledge of the standard

This program is 2 days of intensive training class.

Candidate must hold ISO/IEC 27001 Foundation certification to qualify to sit the Practitioner exam.

At the end of the program, the participants will be assessed with 2 and half hours of ISO/IEC 27001 Practitioner Exam.

ISO/IEC 27001 Practitioner Certification will be awarded upon successfully passing the exam from APMG International.

  1. What are ISO/IEC 27001:2013 Standard, History and Definitionss
  2. The ISO/IEC 27001 Certification
  3. The ISO/IEC 2700x Norms
  4. The Information Security Management System (ISMS)
  1. Relation with the ISO 9001, ISO 14001, ISO 20000-1 Standards
  2. Relations with other standards and regulations (PCI DSS, SOGP, FIPS, HIPAA, SOX, etc.)
  1. Management Responsibilities
  2. Create and work with virtual machines
  3. Internal Audit and Management of the ISMS
  4. Continuous Improvement of the ISMS
  1. The Reasons for an Audit
  2. The different Audit Types and its Expected Audit Results
  3. Audit the Evidence to Demonstrate Compliance
  4. Preparation and Participation to a Certification Audit
  5. Conducting an Audit

Scroll to Top