ISO 27001:2022 certified ISMS lead implementer

Course times

This course takes place over three days, with sessions running:

• Day one: 09:30 - 17:00
• Day two: 09:00 - 17:00
• Day three: 09:00 - 17:00, including an exam

Please note: these dates are to join a public run of this course, provided by IT governance. When booking you can specify if you'd prefer to join in person or online.

If you'd prefer to be in a Jisc member only run please email training@jisc.ac.uk.

About

This accredited practitioner-led three day course equips you with the skills to support an organisation in effectively planning, implementing, managing, monitoring and maintaining an ISMS.

It will teach you:

• The nine critical steps involved in planning, implementing and maintaining an ISO 27001:2022-compliant ISMS
• Information security management best practices to ensure data confidentiality, integrity and availability
• How to structure and manage your ISO 27001 project
• Typical pitfalls and challenges and how to deal with them

Who should attend

There are no formal entry requirements for this course. However, we will assume that attendees have a basic knowledge of ISO 27001 gained either through reading the ISO 27001:2022 standard or attending the Certified ISO 27001:2022 ISMS foundation training course.

This course is only available to Jisc members.

What we cover

• Why information security management is essential to an organisation
• The role and structure of an information security policy
• The key concepts, principles and main requirements of ISO/IEC 27001:2022
• The terms and definitions used in the Standard, including risk and options for risk assessments
• How to interpret the requirements of ISO 27001:2022 to determine the scope of your ISMS
• How to secure senior management commitment by building a compelling business case
• How to structure and manage your ISO 27001 project
• How to allocate roles and responsibilities for your ISO 27001 implementation
• How to review and map your existing controls to Annex A of ISO 27001
• The importance of the statement of applicability (SoA) and justifications for inclusions and exclusions
• How to carry out an information security risk assessment – the core competence of information security management
• The benefits of and key issues when selecting a risk assessment tool
• How to develop a management framework, write policies and produce other critical documentation
• The importance of staff, an effective communication strategy and general awareness training
• The key elements of management review
• How to prepare for your ISO 27001 certification audit and ensure that you pass first time
• How to manage and drive continual improvement under ISO 27001

Training outcomes

• Why information security management is essential to an organisation
• The role and structure of an information security policy
• The key concepts, principles and main requirements of ISO/IEC 27001:2022
• The terms and definitions used in the Standard, including risk and options for risk assessments
• How to interpret the requirements of ISO 27001:2022 to determine the scope of your ISMS
• How to secure senior management commitment by building a compelling business case
• How to structure and manage your ISO 27001 project
• How to allocate roles and responsibilities for your ISO 27001 implementation
• How to review and map your existing controls to Annex A of ISO 27001
• The importance of the statement of applicability (SoA) and justifications for inclusions and exclusions
• How to carry out an information security risk assessment – the core competence of information security management
• The benefits of and key issues when selecting a risk assessment tool
• How to develop a management framework, write policies and produce other critical documentation
• The importance of staff, an effective communication strategy and general awareness training
• The key elements of management review.
• How to prepare for your ISO 27001 certification audit and ensure that you pass first time
• How to manage and drive continual improvement under ISO 27001
• Successful completion of the included exam awards the IBITGQ CISLI qualification

Qualification: successfully completing the course and included exam awards the ISO 27001:2022 Certified ISMS lead implementer (CIS LI) qualification.

The ISO27001 lead implementer exam qualification needs to be re-certified every 3 years.

Pricing and eligibility

Jisc members and others from the education and research sector: £1,750 + VAT.

Please note, you are requesting a place on a public run of this IT governance course so we are unable to provide refunds for cancellations.