|
SEMINARS and WORKSHOPS - Information Security Management System |
| |
I - Introduction to ISMS - Personnel education Introduction
|
|
|
|
Description: |
|
|
Includes lectures: |
|
|
• history and standards of information security |
|
|
• methodologies (Risk Management, Business Continuity Planning) |
|
|
• education and certification (U.S. Department of Defense approved baseline certification): A+, Network+, Security+, CISA, CISM, SCNP, SCNA, GSEC, GSLC, GSE, GSF, CISSP |
|
|
• Education and certification - IRCA (ISMS - ISO 27001): internal auditor, lead auditor |
| |
• undergraduate and postgraduate studies (UK);
licensed penetration tester, forensic investigation, incident specialist, wireless practitioner, certified data center specialist, ...
other certificates (CBCP, BCCS, ITIL, NS_CCNA, SOX, QICA, CSTS, ...); other: Ethical hacker, LPE, CFIA, ... |
|
|
• seminars, books, online resources, educational and exam centers |
|
|
|
Purpose: |
Basic information on education and certification of personnel for information security. |
|
Prerequisite: |
- |
|
Basic: |
- |
|
Advance: |
- |
|
Workshop: |
- |
|
Duration: |
1 day - 3 x 1 hour |
|
Study materials: |
script |
|
Trainer: |
ISMS consultant |
|
Exam: |
- |
|
Certificate: |
- |
|
|
|
|
| |
A - Introduction and awareness to ISO 27001:2005
|
|
|
Description: |
|
|
Including lectures |
|
• history and standards of information security |
|
• overview and requirements of the ISO 27001 standard |
|
• documentation and records requirements: implementation and management of ISMS |
|
• methodologies (Risk Management, Business Continuity Planning) |
|
• audits and certifications - integrated management systems (ISO 9001, ISO 14001, OHSAS 18001, ISO 20000) |
|
|
Purpose: |
Introduction to information security according to ISO 27001:2005.
Preparation for workshops and advanced training. |
Prerequisite: |
- |
Basic: |
- |
Advance: |
B, C, D |
Workshop: |
C |
Duration: |
1 day - 4 x 1 hour |
Study materials: |
script |
Trainer: |
ISMS Lead auditor or ISMS IRCA auditor |
Exam: |
- |
Certificate: |
yes |
|
|
|
|
| |
| |
|
AE - Implementation of ISMS workshop |
|
|
| |
|
|
Description: |
Including production of documentation and records, by dedicated group workshops |
|
• requirements (ISO 27001 and ISO 27002 (ISO 17799)) |
|
• analysis and interaction of business processes and IT technologies |
|
• Risk management (Risk Assessment, Risk Validation, Risk Treatment Plan) |
|
• objectives and policies of information security |
|
• detailed policies, procedures and working instructions - controls from Annex A of standard ISO 27001 |
|
- passwords, internet, e-mail, antivirus, spam, ... |
|
- confidentiality and integrity, data structures, back-up, human resources security, ... |
|
- suppliers, outsourcers and legal requirements and regulations, ... |
|
• equipment, devices, infrastructure, maintenance |
|
• education, awareness and communication |
|
• Statement of Applicability |
|
• processes and activity management and control - dedicated applications |
|
• statistics and analyses - recording and reporting |
|
• internal audits and control |
|
• nonconformities and incidents, ... |
|
• corrective and preventive activities |
|
• management review and PDCA |
|
|
Purpose: |
Detailed explanation of the requirements of the standard, with examples of documentation and records. Preparation for, or coordination of, the development of an information security management system in a company.
Prerequisite: |
- |
Basic: |
|
Advance: |
- |
Workshop: |
- |
Duration: |
16 days (in 8 weeks) - 4 x 1 hour per day
Study materials: |
standard, script, examples of documentation and records
Trainer: |
ISMS Lead auditor or ISMS IRCA auditor |
Exam: |
- |
Certificate: |
yes |
| |
| |
B - ISO 27001:2005 Internal auditor
|
|
|
|
Description: |
|
|
Including lectures, exercises and workshops (individual and teamwork), and a final exam. |
|
1. History and standards of information security |
|
2. ISO 27000 group of standards. Requirements of ISO 27001:2005 and ISO 27002 (ISO 17799) |
|
3. Controls of Annex A. Documentations and records |
|
4. Types of audits. Certification of ISMS |
|
5. Procedure and activities of audit |
|
• preparation |
|
• performing |
|
• reporting |
|
6. Auditor requirements |
|
7. Final test |
|
|
Purpose: |
Education of personnel involved in the preparation, implementation or supervision of an ISMS.
Prerequisite: |
- |
Basic: |
- |
Advance: |
C, D |
Workshop: |
AE |
Duration: |
2 days - 6 x 1 hour; + option of 1 day workshop (C) |
Study materials: |
script |
Trainer: |
ISMS Lead auditor or ISMS IRCA auditor |
Exam: |
1 hour |
Certificate: |
yes |
| |
|
| |
C - WORKSHOPS
|
1 |
|
ISO 27001 in banking and financial services |
|
2 |
|
ISO 27001 and Croatian National Bank guidelines (+ legal requirements in region) |
|
|
|
|
|
3 |
|
ISO 27001: Risk Management, Data recovery, Business Continuity Planning |
|
4 |
|
ISO 27001: implementation, documentation and exemplification of controls of Annex A |
|
5 |
|
ISO 27001: requirements for documentation and records |
|
| |
|
|
|
6 |
|
ISO 27001 in hospitality and services industry |
|
7 |
|
ISO 27001 in industrial production systems |
|
8 |
|
ISO 27001 for ICT companies |
|
9 |
|
ISO 27001 in local government |
|
| |
|
|
|
10 |
|
ISO 27001 and methodologies: COBIT, NIST 800s series, FISCAM, GAISP, OCTAVE, SW-CMM, ... |
|
| |
|
|
|
D - LEAD AUDITOR TRAINING
|
| |
|
ISMS (ISO 27001) Lead auditor training course (IRCA certified)  |
|
| |
|
|
|
| |
|
Type |
Location |
Month |
|
Type |
Location |
Month |
A |
Croatia
BIH
Macedonia |
03-2010
04-2010
05-2010 |
|
A |
Croatia
|
03-2010
04-2010
|
B |
Croatia |
04-2010 |
|
B |
Croatia |
05-2010 |
C1 |
BIH
Macedonia |
06-2010
06-2010 |
|
C9 |
Croatia
|
06-2010
06-2010
06-2010 |
C9 |
Croatia
BIH
|
09-2010
09-2010
|
|
C6
C7 |
Croatia
Slovenia
|
09-2010
09-2010 |
|
|
| |
|
All materials for seminars and workshops included in price. Refreshment and lunch included in price.
Documentation for seminars outside Croatia is in Croatian and English.
Discounts are available for multiple attendees from the same company or for training at the client's location. |
|
| |
|
|
|
| |
|
e-mail: info27001@adriakon.hr |
|
|
|
|