Educational Program

ISO/IEC 27001:2022

Auditors/Lead Auditors of Information Security Management Systems

  • Directors/Executives of Companies in the Certification Process
  • Technical Directors, IT Directors
  • Information Security Systems Managers
  • Management Systems Inspectors, Department Managers
  • Business Consultants
Information

ISO/IEC 27001:2022 – Information Security Management System

Businesses face daily threats arising from the rapid development of technology and the ever-increasing volume of information, which force them to implement a system that manages the security of their information.

Such an Information Security Management System, based on the ISO/IEC 27001 standard, offers effective protection from various business risks and threats.

Program Duration: 2 Days

The training program aims to inform participants about the necessity of implementing Information Security Management Systems, the benefits that businesses/organizations will derive from their implementation, and how a business/organization can proceed with the implementation and certification of its system.

Upon completion of the training program, participants will have gained comprehensive knowledge of implementing Information Security Management based on the ISO/IEC 27001:2022 standard.

The standard contains 10 thematic modules, which examine the key areas of information management and are analyzed in the training program:

  • Information Security Policy: Detailed understanding of the company’s business objectives and creation of the appropriate information security policy.
  • Information Security Infrastructure: Formation of an administrative framework needed to begin implementing and controlling information security within the company.
  • Asset classification and control: Detailed recording of the company’s corporate resources and determining the level of security required for these resources.
  • Personnel Security: Reducing risks from human error, theft, fraud or misuse of corporate resources, as well as ensuring that personnel are aware of the information security policy and apply it in their daily work.
  • Physical and Environmental Security: Preventing unauthorized access, damage and interference to business facilities and information as well as any loss, damage or interruption to business activities.
  • Computer Network Management: Ensuring the proper and secure operation of information processing capabilities, minimizing the risk of computer systems being put out of service, protecting the integrity of software and information, ensuring the protection of information in networks and related infrastructure.
  • Access Control: Controlling access to information, ensuring the protection of networks, preventing unauthorized access to computers, detecting unauthorized activities.
  • System Development & Maintenance: This section aims to ensure that the necessary security is included in the operating system, to prevent the loss, modification or misuse of application user data, to ensure that programs and support activities are managed in a secure manner.
  • Business Continuity Planning: Designing a response to disruptions in business activities and critical business processes that are the result of significant failures or disasters.
  • Compliance: Avoiding violations of criminal or civil law, legal, regulatory or contractual obligations and any security requirements.

To find out about the cost of the programs, contact us. BQC adjusts its pricing policy for the unemployed and students. Every 2nd participation from the same company will have a 10% discount.

The teaching methods used include lectures, practical exercises and group collaboration.

In this context, participants are asked to complete group and individual exercises and assignments, as well as role-playing exercises, which aim to develop their skills (time management, team spirit, collaboration).

At the end, an evaluation test and a satisfaction questionnaire are distributed to participants in order to evaluate the results of their training and the achievement of its objectives.

  • What is Information Security – Historical Review
  • Identification of Information Resources and Determining the Value of Information
  • Requirements of ISO/IEC 27001:2022 Standard – Other Standards and Their Relationship
  • Identification of Controls – Statement of Applicability (SoA)
  • Determination of the Value of Information – Determination of the Risks and Impacts Involved
  • Information Security Management System Implementation Plan