New EGI Service: ISO 27001 Information Security Training

Sy Holsinger introduces the new service

EGI Foundation welcomes a new addition to its training and certification services: Information Security Management according to ISO/IEC 27001. ISO/IEC 27001 is part of the ISO/IEC 27000 family of standards designed to help organisations keep information assets secure. It is complementary to FitSM: it follows similar principles for implementing management systems, and dives deeper into areas around information security such as risk management and implementing technical, physical and organisational information security controls.

Value of ISO/IEC 27001:

  • Ensures that security risks are appropriately managed and prioritised
  • Guards organisations against information security risks
  • Protects the data entrusted to organisations
  • Supports fulfillment of legal responsibilities (e.g. GDPR)

The courses are split into:

  • Foundation level (2 days) focusing on providing the fundamentals of Information Security and how to implement a management system (ISMS) in organisations through a combination of people, processes and IT systems.
  • Professional level (3-4 days) for managers and personnel working to implement, maintain and operate information security within an organisation. Achieving the ISO/IEC 27001 Professional level provides an additional role-based certification “Information Security Officer”.

EGI delivers trainings in two ways:

  • Open Registration: for individual registrations; organised at a pre-determined date and location;
  • In-House: for organisations needing several members of staff to be trained; date and location of the training are mutually agreed.

The first ISO 27001 Foundation training will take place in Amsterdam, from 19 to 21 September. A formal certification will be offered to all participants of the course who successfully pass the final exam. The training topics include:

  • Introduction to ISO/IEC 27001
  • Foundations of Information Security Management Systems (ISMS)
  • ISO/IEC 27001 – Minimum requirements and security controls
  • Selected practical recommendations and guidelines
  • Related standards and frameworks
  • Certification options according to ISO/IEC 27001