
ISO27001-2022 Course Intro

The document outlines a course on ISO 27001:2022, focusing on the Information Security Management Standard and its updates. It includes a detailed schedule of topics covered, exercises for practical implementation, and prerequisites for learning ISO 27001. The course aims to simplify the understanding of ISO 27001 and provide hands-on experience through various exercises and activities.

Uploaded by

Karthik Selvaraj

Understanding ISO 27001:2022

The Information Security Management Standard, Simplified


About Me

JAGBIR SINGH
M-91-8178210903
Action Agenda

▪ ISMS/ISO27001: 2022 – Simplified

▪ What is ISO27001 and ISO27002

▪ What's New In the new Version of ISO27001

▪ Prerequisite to Learn and Implement ISO27001

Course Schedule

ISO27001:2022 LEAD IMPLEMENTOR COURSE

| Date | Time | Topic covered |
|---|---|---|
| 12th Nov. 2022 | 11-1.30 PM IST | ISMS Intro and Changes in the New Version. Practical worksheet. Clause 4: Context of the organization - Scope statement. Clause 5: Leadership - Policy Docs |
| 13th Nov. 2022 | 11-1.30 PM IST | ISMS Clause 6: Planning - How to perform Risk Assessment, Type of Risk assessment and workbook. Clause 7: Support - Policy Documents |
| 19th Nov. 2022 | 11-1.30 PM IST | ISMS clause 8, 9, 10 |
| 20th Nov. 2022 | 11-1.30 PM IST | Annex A Controls and Policy docs |

| Activities | Home – Task |
|---|---|
| Exercise-0 | Your Objective from this course & Exercise |
| Exercise-1 | Terms & Definitions pertaining to ISO27001 |
| Exercise-2 | Auditing Information Security Principles |
| Exercise-3 | External and Internal Issues – list down the external and internal issues, taking your company as the case study for ISO27001 implementation. |
| Exercise-4 | List down interested parties |
| Exercise-5 | Write Scope statement |
| Exercise-6 | Write your Information security policy |
| Exercise-7 | Draw Organization chart as per your company structure (only to cover information security team & concerned team) |
| Exercise-8 | Define Roles and responsibilities as per the organization chart in Exercise-7 |
| Exercise-9 | Risk Assessment and Risk Assessment methodology. Asset base V/s Issue base Risk assessment |
| Exercise-10 | Make a list of information assets (Inventory) |
| Exercise-11 | Make a list of Risk / Issues as per your organization |
| Exercise-12 | List down information security objectives of your organization |
| Exercise-13 | Resource and Competence matrix |
| Exercise-14 | Resource and Competence matrix |
| Exercise-15 | Policy / process doc for Document control |
| Exercise-16 | Define communication Plan / policy |
| Exercise-17 | Risk treatment plan |
| Exercise-18 | Define Internal Audit Schedule |
| Exercise-19 | Internal Audit training |
| Exercise-20 | Internal Audit Process |
| Exercise-21 | Management Review Process |
| Exercise-22 | Corrective action process Management Review Process |
| Exercise-23 | Prepare Your own checklist - for Implementation & Audit |
| Exercise-24 | Internal Audit template |
| Exercise-25 | Non Conformity Exercise |
| Exercise-26 | NC – Template |
| Exercise-27 | Final Audit Report - Template |

Exercise A – Start here
