Information is always the most important asset to any organization, no matter how big or small it is. Nothing as valuable as the company’s own financial and technical data then protecting it plays crucial role to the organization. Therefore, Information Security Management Systems(ISMS) shall be the function in place to protect and in the end secure company’s information assets from potential risks inside and outside their organization.
Furthermore, the asset are in various format range from paper-based information to electronic or soft copy version. All-of-all, the implementation always depends on how the respective data is created, stored, archived and destroyed. The course emphasizes on how ISMS with ISO27001 could be used as an effective tool for establishing a robust information security (InfoSec) systems.
In details, at the end of this training, participants will be able to:
- Have good knowledge on InfoSec Management, its technical and management controls
- Understand InfoSec standard and framework
- Have deep understanding on ISO27001
- Value stakeholder’s priorities and assets
- Commence required resource
- Document InfoSec plan and procedure
- Design InfoSec strategy
- Implement and maintain InfoSec Management Systems
- Understand InfoSec Management, its components and standards
|1||Commence InfoSec Management standard of ISO27001||3|
|2||Value security organization and policy||2|
|3||Implement asset classification and control||3|
|4||Elaborate personnel, physical and environmental security||1|
|5||Understand segregation of duties and confidentiality agreements||1|
|6||Assess access control and change control||2|
|7||Commence privilege and password management||2|
|8||Value incident management||2|
|9||Identify implementation risks and success factors||3|
|10||Conduct Gap Analysis||3|
|11||Plan for continuous assessment||2|
In order for effective learning and full appreciation, the course will be delivered with 30% of the time devoted to important concepts and other theory topics and 70% allotted for hands-on lab exercise and case studies. Training lead will be assisted by presentation slides and actual demonstrations for clear understanding and smooth follow-through during the sessions. Active participation will be encouraged through individual work and collaborative effort.
Officers, supervisors and managers or any personnel who are eager to understand, have the know-how, enhance, improve their skills and better practices in Information Security Management with ISO27001 within their organization.
A seasoned enterprise technologist and now budding entrepreneur with 14 years of experiences comprises 12 years of training and education, 7 years of strategic partnership, 8 years of IT Audit, 4 years of service delivery, 8 years of writing and courseware, as well as 6+ years of consulting, software development, project management and network administration.
He has been actively serving as ISACA Subject Matter Expert and Exam Developer along with PMI Program Evaluator and Guest Lecturer in top-tier universities for Master and Undergraduate program, both physical and online, in Indonesia and the U.S.
Various strategic positions he has helmed are Vice Chairman and Acting Chairman, Executive Board Member, Co-Founder, Country Channel Manager, Project Lead and Group Leader. Thus far his project engagement involves broad activities of consultancy, training, content, courseware, copywriting, information systems, enterprise application, programs, web development, to translation.
Today he also has written triple digit articles concerning ICT, management and business in a variety of local and foreign, in leading media and companies. His areas of training are IT Audit, IT Project Management, IT Governance, IT Service Management, COBIT, PMBOK, SEO and Social Media.
Companies he has delivered his trainings are UMW Sdn Bhd, Malaysia Securities Commission, SME Bank, PLN, CIMB Niaga, Aero Systems, Newmont Nusa Tenggara, Artha Graha Bank, Artajasa, Prodia Widyahusada, Thiess, Boehringer Ingelheim, Hokinda Citralestari, DPLK, BPD Jabar Banten, Lintas Media Danawa, Cahaya Listrindo and Universitas Krida Wacana.