T 74v22 - E-learning - ISO 27001 training package - Readiness and audit of your ISMS version 2022

Discover the ISO 27001 standard version 2022 and

• its content
• its principles
• its requirements
• the stakes

Get used to

• information security approach
• information security management system (ISMS)
• process approach
• risk-based thinking
• information security terminology
• continual improvement

The important and fundamental elements of an information security management system

• information security approach (quality management principles, PDCA cycle)
• process approach (definitions, process types, mapping)
• context of the company (customer requirements)
• leadership of top management (commitments, responsibilities)
• planning of the ISMS (risks, actions, objectives)
• product realization and service provision (operational control, risk assessment and treatment)
• performance evaluation (monitoring, measure, analysis, internal audits, management review)
• improvement (nonconformities, corrective actions, continual improvement)
• controls (Annex A)

The menu of the course

• Presentation
• MCT Beginning (10 questions)
• 1 Information security
  • 1.1 History
  • 1.2 Scope
  • 1.3 Principles and steps
• 2 Standards, definitions, books
  • 2.1 Standards
  • 2.2 Definitions
  • 2.3 Books
• MCT Information security (9 questions)
• 3 Process approach
  • 3.1 Process
  • 3.2 Process map
  • 3.3 Process approach
• MCT Process approach (7 questions)
• 4 Context
  • 4.1 The organization and its context
  • 4.2 Needs and expectations of interested parties
  • 4.3 Scope
  • 4.4 ISMS
• Case Interested parties
• Case Customer and need
• Case Priority tasks
• Summary of clause 4
• MCT Context (7 questions)
• 5 Leadership
  • 5.1 Leadership and commitment
  • 5.2 Policy
  • 5.3 Roles, responsibilities and authorities
• Case New line
• Summary of clause 5
• MCT Leadership (7 questions)
• 6 Planning
  • 6.1 Actions to address risks
  • 6.2 Objectives
  • 6.3 Changes
• Case New risk
• Case Risk treatment
• Case Risk register
• Summary of clause 6
• MCT Planning (9 questions)
• 7 Support
  • 7.1 Resources
  • 7.2 Competence
  • 7.3 Awareness
  • 7.4 Communication
  • 7.5 Documented information
• Case Communication
• Summary of clause 7
• MCT Support (7 questions)
• 8 Operation
  • 8.1 Operational planning and control
  • 8.2 Risk assessment
  • 8.3 Risk treatment
• Case Design review
• Case Process stability
• Summary of clause 8
• MCT Operation (6 questions)
• 9 Performance
  • 9.1 Inspection, analysis and evaluation
  • 9.2 Internal audit
  • 9.3 Management review
• Case Audit readiness
• Case Auditor question
• Case Management review
• Summary of clause 9
• MCT Performance (7 questions)
• 10 Improvement
  • 10.1 Continual improvement 
  • 10.2 Nonconformity and corrective action
• Case Nonconformities
• Case Kaizen and problem
• Summary of clause 10
• MCT Improvement (8 questions)
• Annex A
• A.5 Organizational controls
• Case Classification of information
• Case Password
• Case Response to an incident
• Case Selecting suppliers
• Summary of annex A.5
• MCT Annex A.5 (11 questions)
• A.6 People controls
• Case Incident log
• Summary of annex A.6
• MCT Annex 6 (6 questions)
• A.7 Physical controls
• Case Storage media
• Summary of annex A.7
• MCT Annex 7 (7 questions)
• A.8 Technological controls
  
• Case Audit program
• Case Audit report
• Summary of annex 8
• MCT Annex 8 (6 questions)
• MCT End (20 questions)

T 44v22 ONLINE COURSE INTERNAL AUDIT OF YOUR INFORMATION SECURITY MANAGEMENT SYSTEM ISO 27001: 2022