ISO/IEC 27002 LEAD MANAGER

Why should you attend?

ISO/IEC 27002 Lead Manager training enables you to acquire the necessary expertise to support an organization in implementing and managing Information Security controls based on ISO/IEC 27002. During this training course, you will also gain a comprehensive knowledge of the best practices of Information Security Controls and improve Information Security within an organization.

After mastering all the necessary concepts of Information Security Controls, you can sit for the exam and apply for a “Certified ISO/IEC 27002 Lead Manager” credential. By holding an ISO/IEC 27002 Lead Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in implementing and managing Information Security Controls based on ISO/IEC 27002

Who should attend?

• Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• hh Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for the Information Security, compliance, risk, and governance in an organization
• hh Information Security team members
• Expert advisors in information technology
• Information Security officers
• Information Security managers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Master the concepts, approaches, standards, methods, and techniques required for the implementation and effective management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of Information Security for the strategy of the organization
• Master the implementation of Information Security management processes
• Master the expertise to support an organization to effectively implement, manage and maintain Information Security Controls
• Master the formulation and implementation of Information Security requirements and objectives

Certification:

After successfully completing the exam, you can apply for the credential.

You will receive a certificate once you comply with all the requirements related to the selected credential.

Course Agenda:

Introduction to Information Security controls as recommended by ISO/IEC 27002

• Section 1: Course objective and structure
• Section 2: Standard and regulatory framework
• Section 3: Fundamental Principles of Information Security
• Section 4: Information Security Management System
• Section 5: Information security policies
• Section 6: Organization of information security

Information Security requirements and objectives based on ISO/IEC 27002

• Section 7: Human resources security
• Section 8: Asset Management
• Section 9: Access Control

Monitoring, measurement, analysis, and evaluation of Information Security controls

• Section 10: Cryptography
• Section 11: Physical and Environmental Security
• Section 12: Operations Security
• Section 13: Communications security

Continual improvement of an organization's Information Security Management System performance

• Section 14: System acquisition, development and maintenance
• Section 15: Supplier Relationships
• Section 16: Information security Incident Management
• Section 17: Information security aspects of business continuity management
• Section 18: Compliance
• Section 19: Golden Rules and Conclusion
• Section 20: Lead Manager Certification Scheme
• Section 21: Closing the Training

Course Duration: 5 Days

Examination: 3 Hours

The “Certified ISO/IEC 27002 Lead Manager” exam fully meets the requirements of the Examination and Certification Programme (ECP).

The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security
• Domain 2 Information Security Controls based on ISO/IEC 27002
• Domain 3 Planning and evaluation of the needs and applicability of Information Security Controls
• Domain 4 Implementation and management of Information Security Controls
• Domain 5 Monitoring and measurement of Information Security Controls
• Domain 6 Continual improvement of Information Security Controls