Deploy an information security management system aligned with ISO 27001 and ISO 27002:2022 standards
This course introduces you to the implementation and auditing of an Information Security Management System (ISMS) compliant with ISO 27001:2013 and ISO 27002:2023, taking into account recent developments.
It covers the foundations of the ISO 27000 standards, the PDCA model, security-related roles and responsibilities, and the essential stages: asset inventory, risk management, threat treatment and the certification process. A specific section is devoted to organizational and technical security measures, as well as the choice of performance indicators (ISO 27004) and the use of appropriate dashboards.
The course also proposes a migration strategy towards the 2022 version of the standards, and incorporates practical exercises and case studies to anchor knowledge.
Aimed at IT, project management, accounting and governance professionals, it provides an essential foundation for effectively managing information security within an organization.
Is it for you?
Network specialists (other than DBAs), IT managers (including VPs), project managers, general managers and accountants.
Prerequisites
None.
What You'll Walk Away With
- ✓ Implement an ISMS aligned with ISO 27001 and ISO 27002:2022 requirements
- ✓ Conduct comprehensive risk assessments and define effective risk treatment plans
- ✓ Identify and classify information assets to better protect critical data
- ✓ Apply organizational and technical security controls based on ISO best practices
- ✓ Monitor ISMS performance with relevant KPIs and drive continuous improvement
Training content
- Concept of ISMS (Information Security Management System)
- Roles and responsibilities
- Presentation of the ISO 27000 family of standards
- PDCA model (Plan-Do-Check-Act) version 2022
- Traces and documented information
- Asset inventory
- Risk analysis
- Risk treatment
- ISO 27001 certification process
- Different categories of security measures
- Organizational and technical measures according to ISO 27002:2022
- Choice of indicators according to ISO 27004
- Strategic, tactical or operational dashboards
- Migration strategy from the 2013 version to the 2022 version
- Exercises and case studies
📌 Practical information
Our training sessions are offered in Montreal or Quebec City, in person or in a virtual classroom. Dates and locations are specified when you select your session below. If you have any questions, check out our FAQ.