• online training
  • ITIL^® Foundation
  • IT Security Management Foundation (ISO 27000 - 27002)
  • How to get ITIL^® certified
  • What is ITIL^®?
  • Getting started with online training
  • Price list
• classroom training
  • IT Service Management
    • ITIL^® Foundation
    • ITSM Awareness (ISO/IEC 20000)
    • ITSM Foundation (ISO/IEC 20000)
  • IT Governance
    • COBIT^® Foundation
    • IT Governance Executive Overview (ISO/IEC 38500)
  • IT Security Management
    • IT Security Management Awareness (ISO 27000 - 27002)
    • IT Security Management Foundation (ISO 27000 - 27002)
  • Risk & Continuity Management
    • IT Continuity Management (BS25777)
    • Business Continuity Management (BS25999)
    • Managing IT Risks
      (ISO 31000 & ISO 27005)
  • Classroom Training Providers
• exams
  • Writing exams
  • ITIL^® mock exams
  • Price list
• study material
  • ITIL^® study guide

>> ISO 27000/ 27001/27002 Introduction

>> Why ISM ?

>> ISO 27000/ 27001/27002 Course Content

ISO 27000/ 27001/27002 Introduction

The Information Security Foundation course (based on ISO/IEC 27002) deals with the basic concepts of information security.

The ISO27002 is a code of practice for information security, which describes how organisations should manage information and protect it against information security risks.

ISO27002 outlines potential controls and control mechanisms to protect information in organisations.

This course also touch on requirements set in ISO27001 (i.e. the set-up of the information security process) and represents the specification for an Information Security Management System (ISMS).

Why ISM?

Globalisation of the economy leads to a growing exchange of information between organisations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet poses challenges for many companies.

The protection of organisational information is becoming more and more important and resultantly Information Security is becoming increasingly important.

The activities of many companies now rely entirely on IT, and information has become the most valuable asset many companies have.

Protection of information is crucial for the continuity and proper functioning of organisations – information must be reliable and secure.

ISO 27000/ 27001/27002 Course content

ISO/IEC 27002:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization.

The objectives outlined provide general guidance on the commonly accepted goals of information security management.

ISO/IEC 27002:2005 contains best practices of control objectives and controls in the following areas of information security management:

1. security policy
2. organisation of information security
3. asset management
4. human resources security
5. physical and environmental security
6. communications and operations management
7. access control
8. information systems acquisition, development and maintenance
9. information security incident management
10. business continuity management
11. legal & statutory compliance

Back to the top