ISO 27001:2022 Complete Training – Implement and Audit ISMS

سرفصل های دوره

Mastering ISO 27001: Become a Lead Auditor and Lead Implementer for ISO/IEC 27001 " Cyvitrix Learning ISO Training

1 - Introduction to ISO 27001

1 -Course Introduction

2 -Introduction to ISO 27001 Standard

3 -Inter-relation between ISO 27000 Family of Standards

4 -Key ISO Standards

5 -What is the Management System

2 - The Management System Implementation Journey

1 -STEP 1 # Obtaining Management Support, Setting up the Project Management

2 -STEP 2 # Define the Scope, Develop the HLP, and Risk Assessment and RTP

3 -STEP 3 # Writing the SoA (Statement of Applicability)

4 -STEP 4 # Control Evaluation & Implementation and Awareness

5 -STEP 5 # Operating and Monitoring the Management System

6 -STEP 6 # Internal Audit, Management Review and Addressing Nonconformities

3 - Understanding the ISMS (Information Security Management System)

1 -Information Security, Confidentiality, Integrity, and Availability (CIA Triad)

2 -Key Security Principals

3 -Why Security Governance is Crucial

4 -Clause 4 Context of the Organization

5 -Organizational Structure

6 -Relation between Departments

7 -Separation of Duties

8 -Strategy and Plans

9 -Legal and Regulatory Requirements

10 -Security Standards and Regulations

12 -Governance and Management

13 -Management Buy-In

14 -Clause 6 Planning

15 -Gap Analysis

16 -Project Managment and PMO

17 -Project Scheduling Tools

18 -RACI Matrix

19 -Owner, Custodian

4 - Risk Assessment and Risk Management

1 -Risk Management

2 -Risk Terminologies

3 -Risk Identification

4 -Risk Analysis

5 -Risk Evaluation and Response

6 -ISO 31K & 27005

7 -Security Controls Overview

8 -Acquiring New Control, Process and Procedures and POC

9 -Control Objective

10 -Control Selection & Implementation

11 -Control Documentation

12 -Asset Management

13 -Asset Lifecycle

5 - Support and Documentation Requirements

1 -Clause 7 Support

2 -Policies

3 -Standards

4 -Procedures and Guidelines

5 -Development and Review of Policies

6 -Importance of resources, competence, and awareness

7 -ISMS Documentation

8 -Documented information and control of documents

9 -Communication requirements within the organization

10 -Structure and requirements for Management System documentation

6 - Operational Planning and Control

1 -Clause 8 Operation of the Management System

2 -Managing external vendors and service providers

3 -Supply Chain Risk Management

4 -Personnel Security - HR Security

5 -Security Awareness Training

6 -HR Policy

7 -Building Incident Response Program

8 -Operational Logs Management

9 -Threat Intelligence and CERT

10 -Network Security Management Policies

11 -Network Segmenation

12 -Firewalls

13 -Sandbox

14 -Content Filtering

15 -WAF

16 -SSL Decryption

17 -Network Access and BYOD Policies

18 -Internet Access, Email & Remote access Policy

19 -Patch Management

20 -Configuration Management

21 -Change Management

22 -Financial, Portfolio and Capacity Management

23 -Server, Software, Backup Policies

24 -Identity Access Management

25 -Privileged Access Management

26 -User Account, Password and Access Control Policies

27 -Data Lifecycle

28 -Data Classification

29 -Building Data Governance Program

30 -Data Protection Measures

31 -Data Leakage Prevention

32 -Digital Rights Management

33 -Data Protection, Encryption, Classification Policies

34 -Data Disposal

35 -Data Privacy Overview

36 -Privacy Policy

7 - Business Continuity and Resiliency and Incident Response

1 -What is BIA, DRP, BCP

2 -Understand RPO & RTO

3 -Recovery Sites

4 -Business Continuity Policy

8 - Physical Security

1 -Physical Security

2 -Data Center Security

3 -Environmental Controls

4 -Clear Desk, AUP & Physical Security Policy

9 - Software Development Security

1 -Software Development Process

2 -Software Development Methodologies

3 -Use Case, Abuse Case and SRTM

4 -Software Functional Testing

5 -Software Security Testing

10 - Module 6 Performance Evaluation and Continuous Monitoring

1 -Clause 9 Performance Evaluation

2 -Information System Auditing

3 -Internal and External Auditing

4 -Audit Committee and Charter

5 -Audit Process

6 -Conducting Audit

7 -Collecting Evidences

8 -Evaluation of Controls

9 -Sampling

10 -Audit Reporting

11 -Certification vs Accreditation

11 - Continual Improvement and Corrective Actions

1 -Clause 10 Improvement

2 -Understanding nonconformities and corrective actions

3 -Control Monitoring and Evaluation

4 -Identifying and monitoring KPIs

5 -Risk Monitoring and Reporting

6 -The Continues Monitoring Program

7 -Quality Controls and Quality Assurance

8 -Performance Evaluation and PDCA

9 -Preparing for certification audits

10 -Navigating certification stages and maintaining compliance

179,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy