Live online training via webinar
ISO 27001 A.6 & A.8: Organization of information security; external parties; raising awareness, training and HR management
When you think about it a little deeper, most of the damage to an organization's information occurs not because of the equipment malfunction or viruses, but because of someone's malicious acts or unintentional errors, because of problems with the suppliers or outsourcing partners, because of a lack of clear organizational rules etc.
In other words, information security is not only about IT security, but also about human resources management, relationships with external parties and defining policies and procedures. This is exactly what is described in Annex A of ISO 27001, sections A.6 Organization of information security and A.8 Human resources security (both of these sections also include the external parties).
Therefore it is important to take these controls seriously – apply them based on the results of your risk assessment and you'll be able to prevent most serious security incidents.
Register for this webinar to learn:
- Requirements of ISO 27001 Annex A.6 and A.8
- Risks related to human resources, external parties and organizational issues
- Relationship with risk assessment & risk treatment
- Relationship with other controls from Annex A
- How to implement human resources controls
- How to implement controls related to external parties
- What are the organizational issues related to information security
- What is mandatory documentation; what is recommended documentation
"Dejan is clearly a subject matter expert on Risk Analysis and Risk Management. His trainings are well designed and superbly and professionally delivered using the GoToTraining platform."
Bob Chaput, CEO at Clearwater Compliance LLC
Presented by: Dejan Kosutic
|Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has extensive working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and ISO 22301/BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
IS&BCA live online trainings: The knowledge you can apply right away.