Organizations are increasingly recognizing the importance of implementing best-practice security controls to safeguard their information assets. This course is for people with a basic understanding of information security, focusing on the practical skills needed for implementing the controls from ISO/IEC 27001:2022.
ISO/IEC 27002:2022 helps organizations select, implement and manage information security controls. It includes 4 security control clauses and 93 controls. During the two-day training, you will learn which controls are the most appropriate to implement and how to put these into practice within your organization.
How will I benefit?
- Gain in-depth knowledge of ISO/IEC 27002:2022 and its benefits from your partner in learning
- Understand how implementing security controls will help reduce levels of risk within your organization
- Implement the security controls more effectively through clear and practical guidance
This course will help organizations identify appropriate controls to be implemented in different situations, along with the benefits and potential pitfalls of doing so.
Who should attend?
Anyone who wants to learn:
- To identify and understand commonly accepted information security controls
- How risks can be reduced to an acceptable level using controls
- How to determine which controls are the most appropriate to implement
- Practical implementation of ISO/IEC 27002 controls
- The benefits and pitfalls associated with the use of different controls
The course is applicable to representatives from any size or type of organization who is, or will be, involved in planning, implementing, maintaining, supervising or assessing information security, as part of an ISO/IEC 27001 ISMS or a standalone system.
Prerequisites
- We recommend that you have a basic understanding of information security principles and terminology.
- We also recommend that you have an understanding of the information risks faced by their organization.
- A basic understanding of ISO/IEC 27001, information technology and information risk management may be an advantage.
- Some delegates on this course will have already attended our Information Security Management System (ISMS) Requirements of ISO 27001, or Information Security Management System (ISMS) Implementing ISO/IEC 27001 course.
What will I learn?
You’ll be able to:
- Explain the background and purpose of ISO/IEC 27002
- Explain the scope and structure of ISO/IEC 27002
- Recognize the different best practice controls recommended by ISO/IEC 27002
- Define the benefits of implementing controls from ISO/IEC 27002
- Evaluate how to use the controls in conjunction with an ISO/IEC 27001 based ISMS
- Demonstrate how to choose the appropriate controls relevant to you
- Implement chosen controls from ISO/IEC 27002
What's included?
- Detailed course notes
- On completion, you'll be awarded an internationally recognized BSI Training Academy certificate