Live online training via webinar
ISO 27001 Foundations Part 3: Annex A overview
Why is Annex A important for ISO 27001?
Annex A provides a catalogue of 133 security measures (controls) for decreasing risks. These are not only IT-related: they also include controls for human resources management, physical security, legal protection, controls related to external parties, etc.
Most risks cannot be managed by using only one type of control – this is why it is crucial to take all types of controls into account when implementing your Information Security Management System.
Therefore, knowing what controls Annex A offers, how they can be used, and how the documentation is to be structured is very important both when carrying out risk treatment, and when planning to implement the controls.
Register for this webinar to learn:
- What the 133 controls in 11 sections are
- Relationship between ISO 27001 and ISO 27002
- Relationship between the risk assessment & risk treatment process, Statement of Applicability, Risk Treatment Plan and Annex A
- Which documents are mandatory and which are not
- How to structure the documentation for Annex A controls
- In what sequence to implement documentation for Annex A
"Dejan is clearly a subject matter expert on Risk Analysis and Risk Management. His trainings are well designed and superbly and professionally delivered using the GoToTraining platform."
Bob Chaput, CEO at Clearwater Compliance LLC
Presented by: Dejan Kosutic
Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has extensive working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and ISO 22301/BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
IS&BCA live online trainings: The knowledge you can apply right away.


