Information Security

Information Security Management for Data Professionals (according to ISO 27000)
What does information security management encompass? How can it be anchored, controlled and monitored in operational data governance?
Which legal requirements and standards support the implementation?
Learning objectives
In a pleasant, open atmosphere, learn about the legal, organizational and technical basics of information security, as well as requirements for the planning, implementation and maintenance of an Information Security Management System (ISMS) in companies.
Experienced experts certified to ISO/IEC 27000 will guide you through the requirements, application areas and process steps of a professional ISMS, and will use practical examples to show approaches to systematic implementation and monitoring.
Similarities and differences to other legal regulations, in particular the requirements of data protection, are shown, as well as approaches for effective anchoring with data protection, data governance and operational data management disciplines.
Format
- 1-day seminar, 09:00 – 17:00
- Lectures, discussion and group work
- incl. catering
- incl. materials
Target group
- Specialists and managers in the data-driven environment
- All decision makers, project and program managers from business units, IT and data management
- IT & Data Governance leaders and managers
- IT and data governance consultants
Price
- Seminar: 970,- € per person
- Seminar + Expert Coaching (3 x 1h, as needed): 1.280,- €
All prices per person plus VAT
For in-house team seminars with individual content, we will be happy to make you a suitable offer. Please contact us.
You will learn and experience:
Basics
- Basics of information security and management systems
- Definition and components of an ISMS (Information Security Management System)
- Overview of norms and standards
- Basic questions: whether, when and how introducing your own ISMS is reasonable and necessary
- Who is responsible for what? Legal framework.
ISO/IEC 27000 series
- Organization and structure of the standards series
- Definitions, requirements, guidelines
Requirements, objectives and measures of ISO/IEC 27001
- The High Level Structure of ISO/IEC 27001
- Scope and references
- Terms
- Context of the organization
- Management, planning, support
- Operations
- Assessment and improvement
Related standards
- ISO 9000 series (quality management)
- ISO/IEC 20000 series (IT service management)
- ISO/IEC 15408 (Common Criteria for IT Security Evaluation)
- COBIT & ITIL
- BSI IT-Grundschutz (requirements according to § 8a BSI law)
- Requirements according to the IT security catalog
- Certification possibilities according to ISO/IEC 27000
Role of technologies