ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline for continually reviewing the safety of your information, which demonstrates reliability and adds value to your organization's services.
• ISO/IEC 27001 Introduction
• ISO/IEC 27001 Foundation
• ISO/IEC 27001 Lead Implementer
• ISO/IEC 27001 Lead Auditor
ISO/IEC 27002 is an international standard used as a reference for selecting and implementing information security controls listed in Annex A of ISO/IEC 27001. It also provides guidance on the best practices of information security management that help organizations select, implement, and manage controls, policies, processes, procedures, and organizational structures’ roles and responsibilities.
• ISO/IEC 27002 Introduction
• ISO/IEC 27002 Foundation
• ISO/IEC 27002 Manager
• ISO/IEC 27002 Lead Manager
Risk Assessment Methods
Understanding how to effectively assess risk may be a challenge for many industries. The risk assessment methods OCTAVE, EBIOS, and MEHARI will provide you with sufficient knowledge of how to successfully identify and assess risk in your organization.
ISO/IEC 27005 provides guidelines for establishing a systematic approach to information security risk management, which is necessary to identify organizational needs regarding information security requirements and to create an effective information security management system. Moreover, this international standard supports ISO/IEC 27001 concepts and is designed to assist an efficient implementation of information security based on a risk management approach.
• ISO/IEC 27005 Introduction
• ISO/IEC 27005 Foundation
• ISO/IEC 27005 Risk Manager
• ISO/IEC 27005 Lead Risk Manager
In today’s business world, information security incidents are considered to be uncertain risks which can seriously damage a business. Thus, organizations must take action to promptly identify, evaluate and effectively manage incidents. ISO/IEC 27035, Information Security Incident Management, is an international standard that provides best practices and guidelines for conducting a strategic incident management plan and preparing for an incident response.
• ISO/IEC 27035 Introduction
• ISO/IEC 27035 Foundation
• ISO/IEC 27035 Lead Incident Manager
Human Resources Security
The Human Resources Security discipline is designed to examine key controls applied before, during, and after the hiring of human resources. These controls include, but are not limited to, the definitions of roles and responsibilities, recruitment, contracting terms and conditions, awareness, education and training, disciplinary processes, and termination of activities.