This Course is Currently Available "Live Online" Only (On-site Training Class Availability is Currently Suspended)
To develop a well-rounded understanding of the standard's expectations, we will be drawing upon best practices from ISO 27001, 27002, 27003, 27004, 27005, 27017, 27034, 27035, 55000 among others. This approach enables students to understand the requirements for the design, development, implementation and ongoing maintenance of an ISO 27001-based information security management system, as well as the expectations of ISO certification auditors.
Enrollment for our next Certified ISO 27001 Lead Implementer Course
scheduled for April 12 - 16, 2021 closes at 5:00 PM (US Eastern Time Zone) on April 2, 2021
The time remaining for registration is:
Important to Notes:
1. Training seats are limited, and we do not maintain a waiting list for courses as they book up fast. As such, registration may be closed before the above time, when fully booked.
2. Registration closes at 5:00 PM on the Friday, 2 weeks before the first day of each course, to allow time for us to send electronic versions of course-ware and mandatory communications to each student. The final registration date for each course is posted on the respective course registration page.
Who Should Take This Course?
Help Me Understand How This Course Relates to Me
Select the role that best suite your situation
(links to case studies here coming soon)
Schedule, Registration, and Cost
Registration for our training, can now only be done on the website of the Information Security Leadership Forum.
It is important to note, due to significant member discounts offered, all persons seeking to register for certification training must now first register as a member of the Forum (a $125 fee to save $2,495).
The registration fee of $2,495 (USD), is currently being waived, and students are only required to pay the
$500 certification exam and application fees, upon registration.
1. On-site Training Class Availability is Subject To - No Local Pandemic or Protest / Rioting Restrictions. Where Restrictions Are In Place, The Course will Revert to Live Online.
2. If an early registration discount has been offered for a course, but is no longer visible on the course registration page, then the offer has expired and is no longer available to redeem.
Day One - Introduction and Planning for an Information Security Management System (ISMS)
- Course introduction
- A primer on the ISO 27000 family of standards and guides
- An ISO 27001 ISMS
- Acclimating to the organization
- Business Process Mapping
- Performing an Asset Inventory to support a risk assessment
- Defining ISMS Program Goals & Priorities
- Defining the scope of the ISMS
Day Two - Planning for an ISMS and Risk Management
- Build the Business Case for an ISMS
- Understand perform the mandatory legal & regulatory review
- Develop an ISMS Statement of Applicability
- Fundamentals of a risk assessment
- Perform a Gap and Impact Assessment, and prepare a mitigation plan
- Developing an ISMS Program Charter
- A practical approach to developing governance for your ISMS
Day Three - Develop and Implement ISMS
- Develop an SMS Performance Management Program
- Develop an ISMS Communications Program
- Implement the Mitigation Plan Implementation
- Operational Transfer and Acceptance of ISMS services
Day Four - Management Oversight, Auditing and Managing an ISMS based on ISO 27001
- Familiarization with the ISO 27001 Annex A Control Objectives & Controls
- Understanding the mandatory requirement for an independent security assessment
- Develop an Internal Audit program to support an ISMS
- The requirements for an ISMS Leadership Review, and continuous improvement
- The ISMS certification process
- Establishment and ongoing management of Information Security Incident Plan to satisfy ISO 27001 requirements
Day Five - Practical & Written Certification Exams
- Morning: 3 hour written exam
- Afternoon: Practical Exam - Formal Presentation of Business Case To Executive Panel
1. Both written and practical exams are mandatory, in order to meet the certification requirements set out by the Information Security Leadership Forum, this course's certifying body.
2. Formal business attire is mandatory for you practical exam. Please be sure to pack / dress appropirately. Men are required to wear a jacket and tie, and women the equivalent.
When designing our Certified ISO 27001 Lead Implementer Course, great care is taken to identify key areas the course must focus on in order to ensure student achieve the goals the course was setup to accomplish. These learning objectives are highlighted as follows:
Understand the application of an Information Security Program as prescribed by ISO 27001.
Master the concepts, approaches, standards, methods and techniques required for the effective management of an organizational Information Security Program
Familiarity with the various sub-programs under an Information Security Program, and their interrelationships to establish a holistic enterprise information security program.
Develop the expertise to lead an organization in the design, development, implementation, management and maintenance of an Information Security Program
Familiarity with the subject matter experts and stakeholders that need to be engaged, and how to apply their expertise to support an organization in the establishment of an Information Security Management System
Develop fundamental knowledge and skills required to manage a team that is implementing the ISO27001 standard
What You Get!
What each student will receive
Certification Exam Information
What you need to know