Audit leader ISO 27001:2013
With the growing development and demand for information security systems, this course allows you to improve, develop the core capabilities, knowledge and skills required to perform audits in accordance with the certification process. Also it will allow you to master auditing techniques and management by being part of said teams.
Objectives:
- To clarify and strengthen concepts in information security management auditing.
- To provide audit tools, continuous improvement and risk management aim at information security.
- To learn and navigate the structure of ISO 27001.
- Develop auditing skills applied to ISO 27001, ISO 19011 and ISO 17021 standards.
Pre-requisites:
This course requires the demonstration of prior knowledge on the requirements of the standard ISO/IEC 27001:2013 and/or other related standards through previously completed courses and/or work experience in the ISMS area.
Risk Management ISO 27005
The current generation of management systems, and especially of information security, has risk management as a formal, structured and suitable tool to protect information assets and those on which they are supported, starting from the identification of vulnerabilities and threats, the quantification of the probability as well as the impact and the best formula for the deployment of controls.
ISO 27005 is an international guide that offers good practices in risks associated with information security. These practices can also be used in business continuity management and in general by any environment that requires risk management.
Objectives:
At the end of the course students will be able to:
- To clarify and strengthen concepts in information security risks.
- To provide tools for management, analysis and assessment of the risk associated with information security.
- To learn and navigate the structure of ISO 27005.
- Develop auditing skills applied to ISO 27005.
Cybersecurity Management ISO 27032
This international standard seeks to address aspects of security in the cyberspace in a way that considers all security domains in a proactively manner , preparing for, detecting, monitoring and responding effectively to attacks. In turn, this standard makes use of the aspects of communication and collaboration among stakeholders, confidence-building, incident management and mutual learning.
Pre-requisites
Basic knowledge of information security.