Contact

Timothy Phillips 
CIMA 
events@mycima.net 
954-401-7085 

When

Monday February 20, 2012 at 8:30 AM EST
-to-
Friday February 24, 2012 at 5:00 PM EST



Where

Onsite & Live Online 
Miami, FL 

 
 

Who Should Take This Course?

  • Information security managers and anyone responsible for information security or its conformity in an organization
  • Project managers or consultants wanting to prepare and support an organization in the implementation and management of an Information Security Management System (ISMS)
  • Auditors who want to understand and master the Information Security Management System implementation process
  • Members of an information security service or delivery team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an information security function or for an ISMS project management function

What You Get

  • Exam & certification fee included - Write the exam on the final day of the course; exam and certification fees are included. Completed exams are forwarded to PECB for processing and issuance of professional certification. ** Some conditions apply.
  • A copy of the ISO 27001 & 27003 standards
  • A student manual containing the presentation slides and practical exercises used during the course (approximately 450 pages)
  • A certificate of course completion from CIMA for 31 CPE (Continuing Professional Education) hours
  • An opportunity to network with others working in this area

Cost

$2,695

Prerequisites

ISO 27001 Introduction Course plus practical experience, Foundation certification, or a basic knowledge of and experience in managing the implementation of an ISO 27001 / ISO 27002 ISMS is recommended.

Instructional Approach

This training is based on the alternation of theory and practice:

  • Sessions of lectures illustrated with examples based on real cases
  • Practical exercises based on a full case study including role plays and narrative presentation
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam
  • Given the practical exercises, the number of training participants is limited

* Please review the certification criteria on PECB's website before registering for this course to ensure you are eligible.

** CIMA reserves the right to change the schedule, location, cost or incentives for any event without notice. The price for any training reservations already booked prior to any change made by CIMA will be honored.

**** Live Online registrants should register at least 30 days in advance of the course in order to receive the training manual prior to the first day of the course. Having the material with you during the course is not mandatory, as the presentation slides will be displayed during the course; however, it would be helpful in reviewing the material prior to taking the exam. Online students will be responsible for shipping costs for all student material.

***** Live Online students will need to take their exam online through PECB; an additional fee may apply. Information will be provided after registration.

 

Certified ISO 27001 Lead Implementer Course

Mastering the implementation and management of an Information Security Management System (ISMS) based on ISO 27001

CIMA will be donating $200 towards seed funding for the new ISC2 South Florida Chapter from each registration!

Summary

This is an intensive five-day course enabling participants to develop the expertise to support an organization in the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001:2005. Participants will also master the best practices to implement information security controls from all areas of ISO 27002. This training is consistent with the good practices of project management established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). This training is also fully compatible with ISO 27003 - Guidelines for the Implementation of an ISMS, ISO 27004 - Measurement of Information Security and ISO 27005 - Risk Management in Information Security.

Learning Objectives

  • To understand the application of an Information Security Management System as prescribed by ISO 27001
  • To master the concepts, approaches, standards, methods and techniques required in an effective management of an Information Security Management System
  • To understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To develop the expertise to support an organization in the implementation, management and maintenance of an ISMS as prescribed by ISO 27001
  • To develop the expertise to manage a team that is implementing the ISO 27001 standard
  • To develop the knowledge and skills required to advise organizations on best practices in management of information security as prescribed by ISO 27001
  • To improve analysis and decision making capabilities in the context of information security management

Course Curriculum

Day 1: Introduction to the management of an Information Security Management System (ISMS) based on ISO 27001 and launching an ISMS

  • Introduction to management systems and the process approach
  • Presentation of the standards ISO 27001, ISO 27002 and ISO 27003 and regulatory framework
  • Fundamental principles of Information Security
  • Preliminary analysis and determining the level of maturity of the existing information security management system based upon ISO 21827
  • Writing the business case and preliminary design of the ISMS
  • Developing a project plan of compliance to ISO 27001

Day 2: Planning an ISMS based on ISO 27001

  • Defining the scope of the ISMS
  • Drafting the ISMS and information security policies
  • Selection of the approach and methodology for risk assessment
  • Risk management according to ISO 27005: identification, analysis and treatment of risk
  • Drafting the Statement of Applicability

Day 3: Launching and implementing an ISMS based on ISO 27001

  • Implementation of a document management framework
  • Design of controls and writing procedures
  • Implementation of controls
  • Development of a training & awareness program and communicating about information security
  • Incident management according to ISO 27035
  • Operations management of an ISMS

Day 4: Control, act and the certification audit of the ISMS according to ISO 27001

  • Monitoring the ISMS controls
  • Development of metrics, performance indicators and dashboards in accordance with ISO 27004
  • ISO 27001 internal audit
  • Management review of the ISMS
  • Implementation of a continuous improvement program
  • Preparing for the ISO 27001 certification audit

Day 5: Exam


Examination and Certification

  • The “ISO 27001 Lead Implementer” exam fully meets the requirements of the PECB Examination Certification Programme (ECP). The exam covers the following competency domains:
    • Domain 1: Fundamental principles and concepts of information security
    • Domain 2: Information Security Control Best Practice based on ISO 27002
    • Domain 3: Planning an ISMS based on ISO 27001
    • Domain 4: Implementing an ISMS based on ISO 27001
    • Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001
    • Domain 6: Continuous improvement of an ISMS based on ISO 27001
    • Domain 7: Preparing for an ISMS certification audit
  • The “ISO 27001 Lead Implementer” exam is available in different languages (the complete list of languages can be found in the examination application form)
  • Duration of the exam: 3 hours
  • After successfully completing the exam, participants can apply for the credentials of ISO 27001 Provisional Implementer, ISO 27001 Implementer or ISO 27001 Lead Implementer, depending on their level of experience
  • A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential