ISO 27001 Information Security Management System

Course Code: TQM 1295

556 Course Visits

Course Sector:

Quality Management

Request in house training Call Me Back

Course Dates and Locations

Choose a date and location to book your seat

No.

Date

Days

Location

Fees

Enrollment

18 - 22 Aug 2025

5 Days

Dubai, UAE

$4,250

31 Aug - 04 Sep 2025

5 Days

Online, Virtual

$2,150

06 - 10 Oct 2025

5 Days

Abu Dhabi, UAE

$4,250

17 - 21 Nov 2025

5 Days

London, UK

$4,950

Introduction

Training course introducion / brief

ISO/IEC 27001:2022 is the newest version of ISO 27001 and was published in October 2022. While not significantly different from the previous standard, ISO 27001:2022 has notable changes that include scoping, planning, operation and performance evaluation.

This training program is designed to help participants understand the principles of information security and the requirements for an information security management system based on ISO/IEC 27001:2022. This training program will cover the fundamental concepts and topics including:

Management system documentation and the requirements of ISO 27001;
Planning, scoping and communication throughout your ISO 27001 project; and
The key steps involved in an ISO 27001 risk assessment.
The main information security management concepts, principles, and definitions
The main ISO/IEC 27001 requirements for an information security management system (ISMS)
Approaches, methods, and techniques used for the implementation and management of an ISMS

Explain the relation between ISO/IEC 27001 and other ISO standards, such as ISO/IEC 27002 and ISO/IEC 27003.
Distinguish between other ISO Management system standards.
Understand the structure of ISO/IEC 27001.
Identify the main requirements of ISO/IEC 27001 for an ISMS.
Gain an understanding of the main concepts of Information security.
Learn the concepts of threat, vulnerability, and information security risk.
Describe the main characteristics of Artificial intelligence and cloud computing.
Analyse how ISMS objectives are set.
Recognize the key roles and responsibilities of interested parties regarding the ISMS.
Interpret the requirements of ISO/IEC 27001 regarding leadership and commitment of the top management.
Interpret the development life cycle of an information security policy.
Explore the different activities of the risk management process.
Identify the criteria that should be considered when selecting a risk assessment methodology.
Know how risks are identified, analysed, and evaluated.
Explain the requirements of ISO/IEC 27001 regarding documented information.
Identify the main processes necessary for the operation of an ISMS.
Interpret the requirements of ISO/IEC 27001 regarding management review and continual improvement.

coming soon

Domain I: Fundamental Principles and Concepts of an Information Security Management System (ISMS)

The main standards of the ISO/IEC 27000 family
Other information security regulations, industry standards, and best
practices
Advantages of implementing an ISMS based on ISO/IEC 27001
The definition of management system and management system standards
The structure of ISO/IEC 27001
The main requirements of ISO/IEC 27001, clauses 4 to 10

“Plan-Do-Check-Act” (PDCA) cycle

The main concepts of information security related to ISO/IEC 27001
The relationship between information security elements
The concept of information confidentiality, integrity, and availability
Information security vulnerabilities, threats, and risks
The main characteristics of artificial intelligence and cloud computing

Domain II: Information Security Management System (ISMS) – Identifying and interpreting the requirements of ISO/IEC 27001 for an ISMS

Knowledge of typical ISMS objectives
What typically constitutes an organization’s internal and external context
Roles and responsibilities of interested parties relevant to ISMS
The role of the top management in regards to the ISMS implementation
Different policies, such as highlevel general, high-level specific, and topic specific
Information security policy and its development life cycle
The processes required to manage information security risks

Selection of the risk assessment methodology

Risk identification, analysis, and evaluation
Risk treatment options
Main competence and awareness activities
Resource management during the ISMS implementation process
Training and awareness activities and communication principles
Types of documented information relevant to the ISMS
Operational planning requirements of ISO/IEC 27001

Boost certificate of completion

BOOST's Professional Attendance Certificate “BPAC” is always given to the delegates after completing the training course, and depends on their attendance of the program at a rate of no less than 80%, besides their active participation and engagement during the program sessions.

ENDORSED EDUCATION PROVIDER

Flexible deadlines

Customized dates accordance to your schedule

Shareable Certificate

Earn certificate upon completion

COURSE METHODOLOGY

Our Training programs are implemented by combining the participants' academic knowledge and practical practice (30% theoretical / 70% practical activities).

At The end of the training program, Participants are involved in practical workshop to show their skills in applying what they were trained for. A detailed report is submitted to each participant and the training department in the organization on the results of the participant's performance and the return on training. Our programs focus on exercises, case studies, and individual and group presentations.

Download Company profile

Download Calendar

Trending Courses

The most bespoke and flexible training courses

Open courses table

Jan

- 05 -
Days

Leading and Building a Positive, Motivated, and Empowered Teams

Online, Virtual

TRAINING COURSE: ISO 27001 Information Security Management System