ISO 27001:2013 – Information Security Management System
Increase your knowledge about ISO 27001:2013 and its controls. Protect data confidentiality, integrity, and availability in any organization.
What you’ll learn
- ISO 27001 Overview
- ISO 27001 Annex A Controls
- ISO 27002 Clause 6.2 Teleworking Overview
- ISO 27002 Clause 8 Asset Management Overview
- ISO 27002 Clause 13 Communication Security Overview
- Understand the need for Network Security
- Understand Segregation of Network Services
- Familiarize yourself with common Network Attacks
- Understand different Control Types
- Understand what a defensive strategy may comprise of
- Understand the security of Information Transfer
- Understand policies and procedures related to electronic messgeing
- Understand the need for Agreements of Information Transfer & Confidentiality and NDA Agreements
Show moreShow less
This course is about ISO 27001:2013. The lecture style is presentation-with-voiceover. Firstly, I’ll be explaining an overview of the standard at a high level. Then I will be discussing different clauses and controls in more detail. I’ll be updating this course regularly to cover more and more areas in depth. Examining the curriculum content is going to help you understand the coverage.
So far, I’ve covered:
Annex A Control: Teleworking
Annex A Control: Asset Management
Annex A Control: Cryptography
Annex A Control: Communication Security
This standard is about creating an Information Management System. The goal of an ISMS is to protect the confidentiality & integrity of data while ensuring availability. You can apply this system to any type of organization of any size. It’s based on the same core high-level structure as other management systems. The main clauses include:
Context of the organization
Leadership
Planning
Support
Operation
Performance Evaluation
Improvement
The second part of the standard is about controls. They are listed in Annex A, and are grouped into different categories. They provide organizations with a set of tools that can be used to achieve the objectives of their management system. The list is not exhaustive and more controls do exist and can be implemented. Regardless, it’s important to understand the controls mentioned in Annex A and determine if they are applicable or useful to your organization.
Who this course is for:
- This course is about ISO 27000 family of standards. It’s for people who want to increase their knowledge about this family of standards. I will be covering various clauses in this standard.
User Reviews
Be the first to review “ISO 27001:2013 – Information Security Management System”
You must be logged in to post a review.
There are no reviews yet.