Live online training via webinar
ISO 27001 Foundations Part 1: ISMS planning phase, documentation and records control
Why is the planning phase of ISO 27001 so important?
If you don't plan your information security activities carefully, chances are you will miss something important – and that will cost you. This is why ISO 27001 defines very precisely the various steps in the planning phase – the purpose is to set clear direction, but also to take into account everything that can cause security incidents.
According to ISO 27001, the planning phase is rather complex and requires several documents and activities to be completed. Risk assessment and treatment are the central part of the planning phase – they lay the groundwork for the implementation phase by defining which security controls are applicable.
Experience has shown that by doing the planning phase properly right at the beginning of your ISO 27001 project, you will save considerable time and money later on.
Register for this webinar to learn:
- Structure of the ISO 27001 standard – Plan-Do-Check-Act cycle
- Overview of the planning phase elements (clause 4.2.1) and their implementation – ISMS scope, ISMS Policy, risk assessment methodology, risk assessment, risk treatment, Statement of Applicability, Risk Assessment Report
- Document and records control (clauses 4.3.2 and 4.3.3) implementation – how to control the approval of your documents, their distribution, ensuring that the documents are up to date, etc.
- Mandatory documents according to ISO 27001 (clause 4.3.1)
"Dejan is clearly a subject matter expert on Risk Analysis and Risk Management. His trainings are well designed and superbly and professionally delivered using the GoToTraining platform."
Bob Chaput, CEO at Clearwater Compliance LLC
Presented by: Dejan Kosutic
Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has extensive working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and ISO 22301/BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
IS&BCA live online trainings: The knowledge you can apply right away.


