Training Calendar

NSS will be organizing series of training on a quarterly basis, join our Mailing List to be in the loop of the upcoming training calendar. Or check us out regularly as we update the calendar. Send us an email at sales@mynetsec.com if you are interested in any of the trainings below.

Mark your calendar now!

	Training 2008	Date	Register By
Q1	ISO 27001 Lead Auditor Training	25^th – 2^9thFebruary	21^st February
	ISO 27001 Lead Auditor Training	17^th – 21^st March	1^3th March
	Certified Information System Security Professional (CISSP)	24^th – 28^th March	21^st March
Q2	Certified Network Security Administrator	14^th -18^th April	10^th April
	ISO 27001 Lead Implementer Training	21^st -25^th April	17^th April
	Certified Penetration Test Professional	19^th -23^rd May	15^th May
	Certified Information System Security Professional (CISSP )	26^th – 30^th May	22^nd May
	Application Security	16^th – 20^th June	12^th June
	Certified Penetration Test Professional	23^rd – 27^th June	20^th June
Q3	Incident Response and Digital Forensics	14^th -18^th July	10^th July
	ISO 27001 Lead Auditor Training	7^th – 11^thJuly	3^rd July
	ISO 27001 Lead Implementer Training	11^th – 15^th August	5^th August
	ISMS Awareness Training	8^th – 12^th September	4^th September
	Certified Information System Security Professional (CISSP )	22^nd– 26^th August	16^th August
Q4	Certified Penetration Test Professional	13^th – 17^th October	9^thOctober
	Application Security	10^th – 14^th November	6^th November
	Certified Network Security Administrator	15^th – 19^th December	11^th December

ISMS Concepts

Information Security Management System Concepts course teaches delegates the fundamentals of auditing/implementing information security management systems to ISO 27001:2005 (BS 7799-2:2002) standard. This 3-day intensive course provides insight on Implementation and Audit methodology for the ISO 27001:2005 certification for an organization. It forms the foundation for delegates to take the internationally recognized courses and certifications to become ISO 27001 Lead Auditors or Lead Implementers – the first step in the increasingly important Information Security Management profession.

What will you learn?

The component parts of the Standard
How to manage information security?
How the individual components of the process fit together?
How to treat implementation as a project?
Common pitfalls
How to define and risk assess “information assets”?
How to manage risks in a way suitable to your organization?
The essential requirements for obtaining auditor approval, i.e. certification

Course Outline

THE 27001 STANDARD

Why do you need certification to ISO 27001?
What the Information Security Management System (ISMS) is and what it is trying to achieve

CONFIDENTIALITY, INTEGRITY, AVAILABILITY AND AUDIT

Overview of the stages of the ISMS
Defining an Information Security Policy
Defining the scope of the ISMS

IDENTIFYING INFORMATION ASSETS

What are information assets?
Creating an asset classification system

UNDERTAKING A RISK ASSESSMENT

Identifying asset values, threats and vulnerabilities
Creating a usable and simple risk methodology
Using risk tools
Practical exercise – undertaking a risk assessment
Results and conclusions resulting from an assessment

MANAGING RISK

Risk measurement
Risk reduction and acceptance techniques
Practical exercise - determining control objectives
Selecting control objectives and controls
Security in depth
ISO 27001 control objectives and controls
The application of countermeasures
Practical exercise – creating a workable countermeasure
Additional controls not in ISO 27001
Preparing a Statement of Applicability
The need to review and audit the ISMS

AUDITING

What does auditing achieve?
How should auditing be conducted?
Different types of audit
The phase 1 and 2 ISO 27001 audits

Logistics

Date 7th - 9th May, 2007

Time 8:00 am - 4:30 pm

Venue UBD Lab