Certified ISO 27001 Foundation and Lead Implementer Combination Training Course

Training course outline

Certified ISO 27001 Foundation course

The starting point for all prospective project managers and members of any ISO 27001 implementation project team, this Foundation-level course provides a complete introduction to the ISO 27001 standard and an overview of the key implementation activities.

Certified ISO 27001 Lead Implementer course

The flagship of our ISO 27001 Implementation Learning Pathway, this advanced-level course is focused on developing the in-depth knowledge and skills required to implement and deliver an ISMS.

COVID-19: remote delivery options

We would like to reassure our clients that all training courses will go ahead as scheduled during the current COVID-19 situation. As a company that fully embraces flexible and remote working, we have adjusted our delivery methods to allow you to learn from anywhere. Our Classroom / Live Online delivery option enables you to attend either in person or online. Please also refer to our COVID-19 policy.

ISO 27001 Foundation and Lead Implementer training course benefits

Developed by experts

Developed by acknowledged ISO 27001 experts Alan Calder and Steve Watkins, and drawing from their industry-leading knowledge.

A complete masterclass on ISO 27001 requirements

Provides a complete introduction to the requirements of ISO 27001, and covers all the activities required to plan, implement and maintain an ISO 27001-compliant ISMS.

Fast-track to ISO 27001 certification

Develop the skills required to achieve ISO 27001 compliance for your organisation.

Delivered by professionals

Real-world practitioners show you how to tackle an ISMS project from start to finish.

Hands-on-study

An experienced ISO 27001 trainer and consultant will use a combination of formal training, practical exercises and relevant case studies.

Achieve GDPR compliance

Achieve two internationally recognised ISO 27001 qualifications in just four days.

Who should attend this course?

Anyone involved in information security management, writing information security policies or implementing ISO 27001, either as a lead implementer or as part of an implementation team:

IT/ Information Security Consultant

IT/ Information Security Manager

IT/ Information Security Officer

IT/ Information Security Project Manager

Cyber security consultant

Head of IT

CISO (Chief Information Security Officer)

GDPR Consultant

IT/ Information security analyst

ISMS Manager

Network manager

Operations/ Quality manager

Why choose IT Governance for your training needs?

We’re internationally recognised as the authority on ISO 27001 – our team led the world’s first ISO 27001 certification project, and since then we have trained more than 8,000 professionals on information security management system (ISMS) implementations and audits.

Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.

Learn from anywhere – as a company that fully embraces flexible and remote working, we have adjusted our delivery methods to allow you to learn from anywhere. Our Classroom / Live Online delivery option enables you to attend either in person or online.

Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*

Choose the method that suits you – we offer classroom, instructor-led online, self-paced online, e-learning and in-house training options.

Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.

Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.

* conditions applicable

Course details

What does this training course cover?

Why information security management (ISM) is important to an organisation.

The key concepts, principles and main requirements of ISO/IEC 27001:2013.

The terms and definitions used in the Standard, including risk and options for risk assessments.

How to interpret the requirements of ISO/IEC 27001:2013 to determine the scope of your ISMS.

How to secure senior management commitment by building a compelling business case.

How to structure and manage your ISO 27001 project.

How to review and map your existing controls to Annex A of ISO 27001.

The importance of the Statement of Applicability (SoA), and justifications for inclusions and exclusions.

How to carry out an information security risk assessment – the core competence of information security management.

How to develop a management framework, write policies and produce other critical documentation.

The importance of staff, an effective communication strategy and general awareness training.

How to prepare for your ISO 27001 certification audit and ensure you that you pass first time.

How to manage and drive continual improvement under ISO 27001.

Course agenda:

Course agenda (day 1):

Drivers for ISO 27001.

Standards: what they are and why they are important.

Documentation and Management Systems.

Certification.

Management Commitment.

Overview of ISO 27001.

Implementing ISO 27001: Scoping, Planning, Communication.

Risk Assessment and Security Controls.

Summary.

Course agenda (day 2-4):

Project mandate

Project initiation

ISMS initiation

Management framework

Baseline security criteria

Risk management

Implementation

Annex A controls

Measure, monitor, review and improve

Certification

What’s included in this course?

A professional training venue with lunch and refreshments.

Full course materials (digital copy provided as a PDF file).

The ISO 27001 Certified ISMS Foundation (CIS F) exam.

The ISO 27001 Certified ISMS Lead Implementer (CIS LI) exam.

A certificate of attendance.

What equipment do I need?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 9.30 am – 5.00 pm
Day 2: 9:30 am – 5:00 pm
Day 3: 9:00 am – 5:00 pm
Day 4: 9:00 am – 5:00 pm

Course locations

Learn from anywhere with our instructor-led Live Online courses, or Classroom / Live Online delivery options. Learn more.

Alternatively you can study in a classroom at one of our venues in London or Ely (Cambridgeshire).

Are there any prerequisites for this course?

No prior knowledge or qualifications are required and the course content is suitable for non-technical and technical staff.

Is there any recommended reading?

We strongly recommend you purchase and read the standard prior to attending the course:

ISO IEC 27001 2013 and ISO IEC 27002 2013

We also recommend that you purchase and read the following textbooks:

ISO 27001/ISO 27002 – A Pocket Guide

An Introduction to Information Security and ISO 27001:2013 – A Pocket Guide

Exams and qualifications

The ISO 27001 Certified ISMS Foundation (CIS F) exam:

Delivery method: Online

Duration: 60 minutes

Questions: 40

Format: Multiple choice

Pass mark: 65%

The ISO 27001 Certified ISMS Lead Implementer (CIS LI) exam:

Delivery method: Online

Duration: 60 minutes

Questions: 40

Format: Multiple choice

Pass mark: 75%

Both the ISO 27001 Foundation and Lead Implementer exams are set by IBITGQ ( International Board for IT Governance Qualifications ). There are no extra charge for these exams.

This course is equivalent to:

25

CPD points

What qualifications will I receive?

Certified ISO 27001 ISMS Lead Implementer (CIS LI).

Certified ISO 27001 ISMS Foundation (CIS F)

Accreditation

This course is accredited by IBITGQ, as well as CIISec (The Chartered Institute of Information Security) , it satisfies the CIISec Knowledge Areas requirements at Level 1: A1, A3, A7, C1, C2, D2, E3, F2, H1 and H2; and at Level 1+: A2, A4, A5, A6, B1, B2, D1, E1, E2, F1 and G1

IBITGQ (International Board for IT Governance Qualifications) is a personnel certification body that certifies individuals in the field of IT governance.

IBITGQ is accredited to the ISO/IEC 17024:2012 standard ( Conformity assessment – General requirements for bodies operating certification of persons ) by IAS (International Accreditation Service). ISO 17024 is a global, industry-recognised benchmark, and qualifications accredited to this standard are recognised and highly valued by employers throughout the world.

You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the IBITGQ/ GASQ successful candidate register .

The PCI SSC (Payment Card Industry Security Standards Council) has indicated that it accepts GASQ certifications in relation to the IBITGQ-accredited courses as meeting the requirements of an individual applying to become a PCI DSS (Payment Card Industry Data Security Standard) QSA (Qualified Security Assessor).

How will I receive my exam results and certificates?

Provisional exam results will be available immediately after completing the exam. Confirmed exam results will be issued within ten working days from the date of the exam.

Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.

Results notifications and certificates are emailed directly to candidates by the relevant exam board; please note that hard-copy exam certificates are not issued.

Do I need proof of identity to take the exam?

Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.

Ways to learn

Learn from anywhere with our range of instructor-led courses

Wherever you are in the world, you can now attend an IT Governance online course, and get the full benefit of a classroom session.

To make your life as easy as possible, we offer 3 ways to attend an instructor-led course:

Classroom

Our instructor-led courses are hosted at professional training centres located in major cities across the UK.

Learn more

Live Online

Our