Course Duration: 3 Days

The modern threats that businesses face on a daily basis from the rapid development of technology and the ever-increasing volume of information, force them to implement a system that manages the security of their information. One such Information Security Management system is the ISO/IEC 27001:2022 standard.

The training course aims to inform about the necessity of implementing Information Security Management Systems, the benefits that organizations will derive from their implementation, and how they can proceed with the implementation and certification of the system they have implemented. After the completion of the training course, the participants will have a comprehensive knowledge of how to apply Information Security Management Systems based on the ISO/IEC 27001:2022 standard.

The standard contains 10 thematic modules, which examine the key areas of information management and are analyzed in the training program:

• Information security policy: detailed understanding of any company’s business objectives and creation of the appropriate information security policy
• Information security infrastructure: formation of the appropriate administrative framework to begin implementing and controlling information security within any company
• Asset classification and control: detailed recording of any company’s corporate resources and determination of the level of security required for these resources
• Personnel security: reducing risks from human errors, thefts, frauds or misuse of corporate resources, as well as ensuring that the personnel of any company are aware of the information security policy and are applying it in their daily work
• Physical and environmental security: preventing any unauthorized access, damage and interference to the business facilities and to the information
• Computer network management: ensuring the proper and secure operation of the information processing capabilities, minimizing the risk of computer systems being put out of service, protecting the integrity of software and information, ensuring the protection of information in networks and related infrastructure
• Access control: controlling any access to information, ensuring the protection of networks, preventing any unauthorized access to computers, detecting any unauthorized activities
• System development and maintenance: aiming to ensure that the necessary security is included in the operating system, to prevent the loss, modification or misuse of application user data, to ensure that programs and support activities are managed in a secure manner
• Business continuity planning: designing a response to any disruptions in business activities and critical business processes resulting to significant failures and disasters
• Compliance: avoiding any violations of criminal or civil law, legal, regulatory or contractual obligations and security requirements

To find out about the cost of the courses, contact us. BQC adjusts its pricing policy for the unemployed and students. Every second participation from the same company will have a 10% discount.