ISO 27001 was published by the International Organization for Standardization (ISO) on 15 October 2005. Essentially, ISO/IEC 27001 defines an Information Security Management System (ISMS) and complements the ISO/IEC 17799 'code of practice' standard, itself first published as BS 7799-1. ISO 27001 has incorporated varied user feedback and has considered the changes in the information security environment to make the ISMS standard more user-friendly and relevant.
The objective outlined in ISO 27001 is to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System.
The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. This Standard adopts the Plan-Do-Check-Act (PDCA) model, which is applied to the structure of all ISMS processes.
ISO 27001 consists of 11 Security domains, 33 Control Objectives and 133 Security Controls.
NSS provides two specialized training offerings for ISO27001:
Both of these courses provide an in-depth understanding of all 11 Security Domains of the standard.
The main differentiator between the two courses is the subject orientation. In the Implementation course, the focus is on the implementation issues of all security controls with respect to the standard. This course is ideal for companies or individuals who require an advanced understanding of implementation vis-à-vis their organizations, partners, or clients. The Lead Auditor course is focused more on the audit of the ISMS after implementation. This course is ideal for companies and individuals (such as internal auditors) who seek to audit their own or their clients' systems for compliance with the standard.
NSS is an industry leader in ISO 27001 consulting, and if your company or organisation wishes to implement an ISMS, contact us.
With a unique association with various certification bodies, in particular BSI India, NSS has built an excellent track record in ISO 27001 / BS 7799 training. NSS information security consultants have provided their knowledge base and domain expertise in information security consulting and ISO 27001 to support several certification bodies worldwide.
NSS has successfully conducted over 50 ISO 27001 related certification and awareness programs/workshops around the globe in locations such as Malaysia, India, Sri Lanka, and Pakistan. NSS has also helped organisations with implementation consulting and delivered certifications for a total of 30 companies in Asia.
Following are some of the testimonials of the participants who have attended the training organized by NSS.
If you are interested or just wish to find out more, please contact us directly.
Recent high-profile information security breaches and the value of information are highlighting the ever-increasing need for organisations to protect their information. An Information Security Management System (ISMS) is a controlled approach to managing sensitive company information so that it remains secure. It encompasses people, processes, and Information Management Security Systems.
The objective of this course is to provide delegates with the necessary skills to implement an ISMS that is compliant with the requirements of ISO 17799 and meets the certification requirements of ISO 27001:2005. The course will provide delegates with a framework for implementation.
Both the objective and result of the course will be the construction of an effective ISMS under the expert tutelage and guidance of a BSI tutor. Take the knowledge and skills imparted during this exercise and use them to improve and protect your business.
For details of the next course, you can check our calendar or contact us.
BSI 27001:2005 (BS 7799) Information Security Management System Lead Auditor teaches students the fundamentals of auditing information security management systems to ISO 27001:2005 (BS 7799-2:2002).
This five-day intensive course trains students on how to conduct audits for certification bodies and facilitate the ISO 27001:2005 registration process. The auditing exercises and lectures are based on ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing. The course is designed specifically for those people who wish to conduct external assessments or internal audits to ISO 27001:2005, although students will also gain the knowledge and understanding necessary to give practical help and information to other individuals and organizations working toward conformance to the standard. This course is registered by the governing board of the IQA - International Register of Certified Auditors (IRCA) and meets part of the training requirements of those seeking registration as a lead auditor under that scheme.
It also meets the training requirements for IATCA auditor certification.
Students receive comprehensive course manuals with reference materials, including:
For details of the next course, you can check our calendar or contact us.