Information Security Management

Information security is critically important to both you and your interested parties. BSI has developed a short session that makes you aware of what information security is, why it is important and how your organization manages the threat. It also considers how you are a vital piece of the jigsaw and what you can do to help your organization. 

• Understand the requirements and benefits of an ISO/IEC 27001 ISMS
• Learn to develop your own information safety management system

Looking for a more flexible way to learn? This course is also available on-demand.

If you need to understand the requirements of an information security management system and are confident enough not to need tutor-led training, you can opt for an online, self-paced version of our ISO/IEC 27001 Requirements course.

Looking for a tutor-led course with peer-to-peer interaction? This course is also available in a virtual or location-based classroom.

• Learn how to implement a robust ISMS based on ISO/IEC 27001 and consider what's required from your organization's perspective

• Learn how to lead the implementation programme of an ISMS that conforms to ISO/IEC 27001 in an organization

This course aims to assist organizations  to implement commonly accepted information security controls, either as part of an ISO/IEC 27001 information security management system (ISMS) or as a standalone activity through the use of ISO/IEC 27002.

This course provides a review to the updated standard from ISO/IEC 27002:2013, what the key differences are and how an organization may implement these changes should they choose to do so. This one day course will provide knowledge required to update and manage your information security controls when aligned with ISO 27002:2022.

Looking for a more flexible way to learn? This course is also available on-demand.

This course provides a review to the updated standard from ISO/IEC 27002:2013, what the key differences are and how an organization may implement these changes should they choose to do so.

This course is also available in a virtual or location-based classroom.

ISO/IEC 27017 helps manage the confidentiality, integrity and availability of your business information or information entrusted to you by others. This course helps you clearly identify who is responsible to manage the different security risks and ensure the appropriate cloud security controls are in place so you can maintain a resilient ISMS. 

This course will provide you with the knowledge required to update and manage your Information Security Management System (ISMS) when certifying to ISO/IEC 27001:2022.

Looking for a more flexible way to learn? This course is also available on-demand.

If you need to understand ISO/IEC 27001:2022 Auditor Transition and are confident enough not to need tutor-led training, you can opt for an online, self-paced version of our ISO/IEC 27001:2022 Auditor Transition course.

Looking for a tutor-led course with peer-to-peer interaction? This course is also available in a virtual or location-based classroom.

• Learn how to plan, execute and report on an audit of an ISMS in an organization assessing its conformance with ISO/IEC 27001:2022

This five-day intensive course trains ISMS auditors to lead, plan, manage and implement an Audit Plan. It also empowers them to give practical help and information to those who are working towards certification and also provides the knowledge and skill required to carry out 2nd party auditing (suppliers and subcontractors).

Attending this two-day course, you’ll understand how to use the NIST Cybersecurity Framework to assist your organization to prevent, detect and respond to cyber-attacks. Whether you need to set up a new cybersecurity programme or enhance your existing one, you’ll have the toolkit to confidently manage cybersecurity in your organization.

The NIST Cybersecurity Framework is designed to help organizations better understand, manage and reduce their cybersecurity risks. However, the framework is not a ‘one size fits all’ solution and its implementation will vary depending upon the nature, size and complexity of the organization, and the types of the information it processes.

With the increasing number of internal and external information security threats, organizations recognize the importance of adopting a formal risk management programme. Without a mechanism to identify, analyse and manage information security risks, it’s difficult for organizations to prioritize their security remediation efforts and resource allocation and associated costs. This leaves organizations more susceptible to security breaches, which can lead to financial and reputational damage.

This one-day course will provide the knowledge required to manage cybersecurity in automotive engineering.