We can deliver a structured training programme that can help your organisation achieve compliance with ISO 27001 and ISO 27002, the International Standards for Information Security and Implementation.

Why ISO 27001 and 27002?

When an organisation adopts these standards, it will gain:

• a common basis for developing organisational security standards;
• an effective security management practice;
• a source of differentiation between competing organisations when tendering for business;
• the opportunity to make significant savings of up to 20% in professional indemnity and other types of insurance payments once your organisation is compliant with ISO27001 / 27002.

 

Topic Areas within ISO 27001 / 27002	Training benefits
Security Policy	Management direction and support for information security
Organisation of assets and resources	Management of information security within the organisation
Asset classification and control	Ability to apply appropriate protection to assets such as information (databases, system documentation, contractual details, research data), software, physical resources, reputation of the organisation
Personnel security	Reduced risk of human error, theft, fraud or misuse of facilities
Physical and environmental security	Reduced threat of unauthorised access, damage and interference to business premises and information
Communications and operations management	The correct and secure operation of information processing facilities
Access control	Controlled access to information so that data is protected from malicious or accidental damage
Systems development and maintenance	Security is built into information systems
Security Incident Management	Procedures for managing security breaches
Business continuity management	Protection of critical business processes from the effects of major failures or disasters
Compliance	Avoidance of any breaches of criminal and civil law, statutory, regulatory or contractual obligations and any security requirement.