Certified ISO/IEC 27001 Foundation – I27001F

150€

  • Registered Students:

    42

  • Duration:

    --

  • Sections:

    12

  • Difficulty Level:

    Intermediate

ISO/IEC 27001 is an international standard published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC); it specifies how to manage information security in an organization. The revision covered by this course was published in 2013, and its full title is ISO/IEC 27001:2013. The first edition of the standard was published in 2005 and was developed from the British standard BS 7799-2.

ISO/IEC 27001 can be implemented in any kind of organization: profit or non-profit, private or state-owned, small or large. It was written by leading experts in the field of information security and specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). It also allows organizations to become certified, meaning that an independent certification body has audited the organization and confirmed that its ISMS meets the requirements of ISO/IEC 27001.

Learning Objectives
– The principles, concepts and requirements of ISO/IEC 27001:2013.
– How to develop an Information Security Management System (ISMS).
– The Annex A control objectives and controls of ISO/IEC 27001:2013.

Audience Profile
Anyone who needs to understand what the ISO/IEC 27000 family of standards is about.

Exam Details

– Format: Multiple choice

– Questions: 40

– Language: Spanish/English/Portuguese

– Pass Mark: 24 of 40 questions (60%)

– Duration: 60 minutes maximum

– Delivery: Online

– Supervision: At the Partner’s discretion

Certification Details

– Certification Type: Foundations

– Certification Code: I27001F

Prerequisites

There are no formal prerequisites for this certification.

  • 1. Introduction and Background

    History of the Standard
    ISO/IEC 27001:2013 Structure
    ISO 27000 Standard Family

  • 2. Key Concepts

    General Information and Principles
    Information Security
    The Management System
    Critical Success Factors for an ISMS
    Benefits of the ISMS Family of Standards

  • 3. Terms and Definitions (See Annex)

    ISO/IEC 27001 Structure
    The PDCA (Deming) Cycle and the ISMS

  • 4. Organizational Context

    4.1 Understanding the Organization and Its Context
    25 Minutes Workshop: Determine the Organizational Context Using a SWOT Analysis Matrix
    4.2 Understanding the Needs and Expectations of Interested Parties
    4.3 Determining the Scope of the Information Security Management System
    4.4 Information Security Management System
    25 Minutes Workshop: Define the ISMS Scope

  • 5. Leadership

    5.1 Leadership and Commitment
    5.2 Policy
    5.3 Organizational Roles, Responsibilities and Authorities

  • 6. Planning

    6.1 Actions to Address Risks and Opportunities
    Risk Treatment Plan
    Structure of ISO 31000, Risk Management – Guidelines
    25 Minutes Workshop: Define a Statement of Applicability for Five Annex A Controls
    6.2 Information Security Objectives and Planning to Achieve Them
    25 Minutes Workshop: Define Information Security Objectives

  • 7. Support

    7.1 Resources
    7.2 Competence
    7.3 Awareness
    7.4 Communication
    7.5 Documented Information

  • 8. Operation

    8.1 Operational Planning and Control
    8.2 Information Security Risk Assessment
    8.3 Information Security Risk Treatment
    Risk Assessment and Treatment

  • 9. Performance Assessment

    9.1 Monitoring, Measurement, Analysis and Evaluation
    9.2 Internal Audit
    Audit
    9.3 Management Review

  • 10. Improvement

    10.1 Nonconformity and Corrective Action
    10.2 Continual Improvement

  • Annex 1: Terms and Definitions

    25 Minutes Workshop: Review Information Security Terms and Definitions
    3.1 Access Control
    3.2 Analytical Model
    3.3 Attack
    3.4 Attribute
    3.5 Audit
    3.6 Audit Scope
    3.7 Authentication
    3.8 Authenticity
    3.9 Availability
    3.10 Base Measure
    3.11 Competence
    3.12 Confidentiality
    3.13 Conformity
    3.14 Consequence
    3.15 Continual Improvement
    3.16 Control
    3.17 Control Objective
    3.18 Correction
    3.19 Corrective Action
    3.20 Data
    3.21 Decision Criteria
    3.22 Derived Measure
    3.23 Documented Information
    3.24 Effectiveness
    3.25 Event
    3.26 Executive Management
    3.27 External Context
    3.28 Governance of Information Security
    3.29 Governing Body
    3.30 Indicator
    3.31 Information Need
    3.32 Information Processing Facilities
    3.33 Information Security
    3.34 Information Security Continuity
    3.35 Information Security Event
    3.36 Information Security Incident
    3.37 Information Security Incident Management
    3.38 Information Sharing Community
    3.39 Information System
    3.40 Integrity
    3.41 Interested Party
    3.42 Internal Context
    3.43 ISMS Project
    3.44 Level of Risk
    3.45 Likelihood
    3.46 Management System
    3.47 Measure
    3.48 Measurement
    3.49 Measurement Function
    3.50 Measurement Method
    3.51 Measurement Results
    3.52 Monitoring
    3.53 Nonconformity
    3.54 Non-repudiation
    3.55 Object
    3.56 Objective
    3.57 Organization
    3.58 Outsource (verb)
    3.59 Performance
    3.60 Policy
    3.61 Process
    3.62 Reliability
    3.63 Requirement
    3.64 Residual Risk
    3.65 Review
    3.66 Review Object
    3.67 Review Objective
    3.68 Risk
    3.69 Risk Acceptance
    3.70 Risk Analysis
    3.71 Risk Assessment
    3.72 Risk Communication and Consultation
    3.73 Risk Criteria
    3.74 Risk Evaluation
    3.75 Risk Identification
    3.76 Risk Management
    3.77 Risk Management Process
    3.78 Risk Owner
    3.79 Risk Treatment
    3.80 Scale
    3.81 Security Implementation Standard
    3.82 Stakeholder
    3.83 Threat
    3.84 Top Management
    3.85 Trusted Information Communication Entity
    3.86 Unit of Measurement
    3.87 Validation
    3.88 Verification
    3.89 Vulnerability
    3.90 Information
    3.91 Asset

  • Conclusions

    Conclusions

How will the courses be conducted?

The course is self-paced, so you can study on your own schedule. On completing the program you receive an attendance certificate, and you obtain the certification by passing the online exam.

How do I pay the seminar tuition fee?

The seminar tuition fee is €150, payable by PayPal, credit/debit card or bank deposit.

Who is CertiProf®?
CertiProf® is an examination institute founded in 2015 in the USA and located in Sunrise, Florida.
Its philosophy is based on community knowledge, and to that end its collaborative network is
made up of:
• CKAs (CertiProf Knowledge Ambassadors): influential people in their fields of expertise,
including coaches, trainers, consultants, bloggers, community builders, organizers and evangelists,
who are willing to contribute to improving the content
• CLLs (CertiProf Lifelong Learners): certification candidates recognized as continuing learners
who have demonstrated their commitment to lifelong learning, which is vitally important in today’s
ever-changing and expanding digital world, regardless of whether they pass or fail the exam
• ATPs (Accredited Trainer Partners): universities, training centers and facilitators around the
world that make up the partner network
• Authors (co-creators): industry experts and practitioners who use their knowledge to develop
content for new certifications that respond to the needs of the industry
• Internal Staff: the distributed team, with operations in India, Brazil, Colombia and the United
States, that supports the day-to-day execution of CertiProf®’s purpose