Trainings

ISO 27001:2022 Information Security Management System Awareness Training (2ND RUN)

19Febto20Feb
Trainings

Sensitive data is protected by information security from unauthorized actions such as inspection, modification, recording, interruption, or destruction. The objective is to guarantee the security and privacy of sensitive data, including financial information, intellectual property, and account information for customers.

This course is designed for individuals within the organization from Top Management to the lower levels, so that all can understand the part they will play in implementing and maintaining an information security management system as specified in ISO/IEC 27001:2022.

COURSE OUTLINE

PART 1 COURSE DESCRIPTION | FEBRUARY 19, 2024

Module 1: Information Security Management System Concepts – Information Security, Cybersecurity and privacy protection.

  • Information, data, and asset
  • Information Security, Cybersecurity, and Privacy Protection Concept
  • Information security Properties: Confidentiality, integrity and availability
  • Impact of vulnerabilities and threats
  • Information security risks
  • Security objectives and controls
  • Control environment

Module 2: ISO Standards and regulatory framework

  • The ISO
  • The ISO Principles
  • Management system standards
  • Integrated management systems
  • Information security standards
  • ISO 27000 family
  • ISO 27001 advantages
  • ISO 27002:2022 Implementation Updates
  • Legal and regulatory conformity

PART 2 COURSE DESCRIPTION | FEBRUARY 20, 2024

Module 3: Information Security, Cybersecurity and Privacy Protection

  • Information Security Management System (ISMS) Transition
  • The Plan–Do–Check–Act (PDCA) Framework
  • Implementation (ISMS including new changes)
  • Transition of the ISO 27001 Standard

Module 4: ISMS Implementation

  • Context of Organization
  • Leader
  • Planning
  • Support
  • Operation
  • Performance Evaluation
  • Improvement

Module 5: ISMS Implementation

  • Organization Controls – 37 controls
  • People Controls – 8 Controls
  • Physical Controls – 14 Controls
  • Technological Controls – 34 Controls

93 Information Security Controls

  • New Controls – 11
  • Merged Controls – 24 (57 merged into 24)
  • Deleted Controls -3

11 New Controls

  1. Threat Intelligence
  2. Information Security of Cloud Services
  3. ICT Readiness for Business Continuity
  4. Physical Security Monitoring
  5. Configuration Management
  6. Information deletion
  7. Data Masking
  8. Data Leakage Protection
  9. Monitoring Activities
  10. Web Filtering
  11. Secure Coding

Module 6: Certification Process

  • Certification Process
  • Transition Requirements
  • Certification schema
  • Accreditation authority, Certification bodies

METHODOLOGY

Participants will learn through lectures, case studies, group exercises, and discussions (workshops).

  • Europe-PH News

  • February 20, 2024

    FIRB increases IPA projects approval threshold to roll out ‘red carpet’ to investors

    Source:  Read More

  • February 05, 2024

    Converge Dominates Ookla®’s Speedtest Awards, Now Reigns as Philippines' Fastest Internet

    Leading Philippine fiber internet provider Converge ICT Solutions ... Read More

  • February 02, 2024

    ECCP: PHL to power through 2024 despite global conflicts

    THE European Chamber of Commerce of the Philippines (ECCP) said th... Read More