Customer onsite workshop can also be conducted for customers in Lahore, and Islamabad PURPOSE:
ISO/IEC 27001 Foundation course allows you to acquire the core fundamentals how to implement and manage an Information Security Management System as specified inISO/IEC 27001.
During this workshop, students will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.

The course is organized into 6 module units, where each unit has video demonstrations and F2F lectures followed by unit assessment at the end of each module that will help you learn more quickly

ABOUT THE INSTRUCTOR
This workshop shall be delivered by TOGAF 9 Certified/IBM Certified Infrastructure System Architect and an experienced trainer with 25+ years of career experience imparting education and training services both locally and internationally and have worked for international enterprise technology vendors including IBM, Fujitsu, and ICL. Our instructor holds various industry professional certifications in the space of enterprise servers and storage technologies, Information Security (ISO/IEC 27002), Enterprise Architecture, Blockchain Technology, ITIL, Cloud, Virtualization, Green IT, and a co-author of 10 IBM Redbooks. 

TARGETED AUDIENCE

• Individuals involved in Information Security Management.
• Individuals seeking to gain knowledge about the main processes of Information Security Management Systems (ISMS).
• Individuals interested to pursue a career in Information Security Management.
• Technology professionals from all business verticals participating in their upcoming ISMS project helping them to grasp basic knowledge and taking organizational vision to the next level as one team.

• Understand the key elements and operations of an Information Security Management System (ISMS) including standard guidelines and best practices.
• Identify the core relationship between ISO/IEC 27001, ISO/IEC 27002and other standards and regulatory frameworks.
• Able to understand basic approaches, ISO standards, methods and techniques used for the implementation and management of an ISMS.
• In a nut shell, this course provide an opportunity to learn everything you need to know about ISO 27001, including all the requirements and best practices for compliance.

COURSE OUTLINE 

Unit 1 – Introduction to ISO 27001  What we need to know all about security. A world without cybersecurity. Top Security Concerns for the Executive Management. What is the meaning and purpose of ISO 27001? What are the 3 ISMS security objectives? Why do we need ISMS? How does ISO 27001 work? What are the requirements for ISO 27001? What are the requirements for ISO 27001? Requirement and Security Controls. What are the 14 domains of ISO 27001? What are the ISO 27001 controls? How do you implement ISO 27001 controls? ISO 27001 mandatory documents –Implementation and Certification. What are the ISO 27000 standards? Unit Assessment. Unit 2 – The Planning Phase  Understanding your organization and its context. Understanding the needs and expectations of interested parties. Determining the scope of the ISMS. Leadership and commitment [clause. Information Security Policy. Organizational roles, responsibilities and authorities. Information security objectives. Resources, Competenceand Awareness. Communication and Documented information. Unit Assessment. Unit 3- Risk Management Risk Management Approach, key objectives and benefits. Qualitative Risk Assessment –Simple and Detailed Risk Assessment Possible vulnerabilities that one cannot ignore. Types of Comprehensive Vulnerability Assessments. Understand 9 Layers of IT Infrastructure Foundation from overall Security perspective. Outside Threat Protection –The bigger picture. Cyber incident recovery tools. Top 10 recommendations for closing the security gap. Risk Management Approach, key objectives and benefits. Recommendations for closing the security gap. Information security risk assessment – Risk identifi. Information security risk assessment – Risk analysis and evaluation. Information security risk treatment. Statement of Applicability. Risk treatment plan. Why ISO 27001 projects fails to deliver benefits to the business?

Unit 4 – The Do Phase Implementing the risk treatment plan. Operational planning and control. Operating the ISMS. Managing outsourcing of operations. Controlling changes. Risk assessment review. Unit Assessment. Unit 5 – The Check and Act Phase Monitoring measurement, analysis, and evaluation. Internal audit. Management review. Nonconformities and corrective actions. Continual improvement. Unit Assessment. Unit 6 – Annex A –Control Objectives and Controls Introduction to Annex A –Reference control objectives and controls What are the ISO 27001 controls and do you implement them? Information security policies. Organization of information security. Human resources security. Asset management. Access control. Cryptography. Physical and environmental security. Operational security. Communications security. System acquisition, development and maintenance. Supplier relationships. Information security incident management. Information security aspects of business continuity management. Compliance. Unit Assessment.

AIX System Configuration Devices & AIX System Storage Overview

AIX Disk Storage Management & Recovery Procedures

AIX Performance Monitoring & Management

Understanding & Managing AIX ODM (Object Data Manager)

Security for Power Systems AIX

AIX Software Installation Maintenance & Backup & Restore

Working with Logical Volume Manager & File System Administration

AIX Error Monitoring & System Dump Facility & AIX Scheduling

AIX Security & User Administration