ISO 27001:2023 Requirements Training Course

This instructor-led, live training in Kenya (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarize themselves with key ISO 27001 concepts, terms, and principles.
• Recognize the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

Objectives

• Gaining knowledge of ISO 27001:2023
• Gaining knowledge on how to audit in accordance with the standard
• Getting to know good practices

Objectives

• Gaining knowledge of ISO 27001:2023
• Gaining knowledge on how to audit in accordance with the standard
• Getting to know good practices

Why should you attend?

ISO/IEC 27001 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in ISO/IEC 27001. During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.

Who should attend?

• Individuals involved in Information Security Management 
• Individuals seeking to gain knowledge about the main processes of Information Security Management Systems (ISMS)
• Individuals interested to pursue a career in Information Security Management

Educational approach

• Lecture sessions are illustrated with practical questions and examples
• Practical exercises include examples and discussions
• Practice tests are similar to the Certification Exam

ISO/IEC 27001 Lead Auditor 

ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.

Why should you attend?

During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

 Who should attend?

• Auditors seeking to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master an Information Security Management System audit process
• Individuals responsible for maintaining conformance with Information Security Management System requirements
• Technical experts seeking to prepare for an Information Security Management System audit 
• Expert advisors in Information Security Management

Learning objectives

• Understand the operations of an Information Security Management System based on ISO/IEC 27001 
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
• Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011
• Learn how to lead an audit and audit team
• Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
• Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.

This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in and concerned with the implementation of an ISMS 
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises. 
• The exercises are based on a case study. 
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Who can attend?

• Auditors seeking to perform and lead information security management system (ISMS) audits
• Managers or consultants seeking to master the information security management system audit process
• Individuals responsible to maintain conformity with the ISMS requirements in an organization
• Technical experts seeking to prepare for the information security management system audit
• Expert advisors in information security management

Learning objectives

By the end of this training course, the participants will be able to:

1. Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
3. Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
4. Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
5. Manage an ISO/IEC 27001 audit program

Educational approach

• This training is based on both theory and best practices used in ISMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

This instructor-led, live training in Kenya (online or onsite) is aimed at intermediate to expert-level IT professionals who wish to enhance their skills and qualifications in information security or related fields.

By the end of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.