Many organizations need to control information and information systems. ISO/IEC 27002:2022 provides a set of controls that organizations can use to manage their information security risks, either as part of a conformant ISO/IEC 27001 Information Security Management System or as a globally accepted set of best practices that can be implemented in isolation or as a foundation for organizational guidelines. This course reviews the standard as updated from ISO/IEC 27002:2013, what the key differences are, and how an organization may implement these changes should it choose to do so.
Why is it beneficial?
- Learn how to effectively prepare an information security controls set using ISO 27002:2022's guidance
- Gain an understanding of the new structure of ISO 27002:2022
- Understand the new controls of ISO 27002:2022
Who should attend?
Implementers and auditors who are ISO/IEC 27001 qualified, or those with comparable knowledge and experience.
Typical roles include:
- Those responsible for implementing and managing an information security management system
- Individuals responsible for auditing their information security management systems
What will I learn?
This one-day course provides the knowledge required to update and manage information security controls to ISO 27002:2022.
This course covers:
- Overview of ISO 27002
- Control correspondence
- Control attributes
- Control system
- Organisational attributes
- ISO/IEC 27002:2022 Section 5
- Threat analysis
- Information security for use in cloud services
- ICT readiness to ensure business continuity
- ISO/IEC 27002:2022 Audits Section 6 and Section 7
- Physical security monitoring
- ISO/IEC 27002:2022 Section 8
- Configuration management
- Deletion of information
- Masking of data
- Prevention of data loss
- Monitoring of activities
- Secure coding
What's included?
- Course material
- On completion, you'll be awarded an internationally recognized BSI Training Academy certificate