Information Security Foundation based on ISO/IEC27002 Factsheet

ITIL v3 Foundation

with Case Study

ITIL v3

Foundation Bridge

ITIL v3

Foundation

e-LearningISO/IEC

27002

ISO/IEC20000

ITIL v3 Awareness

ITIL v3

Managing Across

the LifecycleInformation Security Foundation based on ISO/IEC27002

Certificate:

ISO27002 Foundation Certificate

Duration:

3 days

Course Delivery:

Classroom or Virtual Classroom

Languages:

English, Spanish, Japanese, Portuguese, Dutch, French, Italian, German

Reference Materials:

Additional reference materials are not required for this course.

About the Examination:

The exam is closed book with forty (40) multiple choice questions. The pass score

is 65% (26 out of 40 questions). The exam lasts 60 minutes. The exam can be taken

Paper based.

Prerequisites:

There are no pre-requisites for this course, although a basic knowledge of Service Management concepts will be helpful.

Credits:Project Management Institute –Professional

Development Units (PDUs) = 21

Target Audience:This is an introductory course for everyone

in an organization who is involved with the information management lifecycle. The

module is also suitable for small independent businesses for which some basic knowledge

of information security is necessary. This module may be a good start for new

information security professionals.

Introduction:The ISO27002 standard was formerly known as the ISO17799 standard, and is a code of practice for information security. It outlines eleven security categories, with several control objetives and a wide range of controls. They may be implemented under the framework provided within ISO 27001. It outlines hundreds of potential controls and control mechanisms and may be implemented under the guidance provided within ISO27001.

The ISO27001 standard may be used for the design of the information security process and contains the requirements of an Information Security Management System (ISMS).

The ISO27002 standard, which is also known as the “Code for Information Security” or the “Code of Practice,” contains control measures for various topics in the field of information security. The ISO27002 standard covers organizational, procedural, physical, technical and logical aspects of information security.

Course Approach: During this course, participants will learn, through a number of interactive sessions, the most significant aspects of the ISO27002 standard, its objectives, requirements, value to the organization, and its relation with the ISO27001 standard as well as with other standards. Additionally, participants will learn about the benefits and improvements that may be achieved by organizations that have an ISO27001-certified ISMS.

Objectives:Through the interactive sessions and practical experiences, this course presents the following concepts:

• Information and security: Basic concepts, the value of the information and the importance of its reliability

• Threats and risks: The relationship between threats and reliability

• Approach to the organization of the Information Security Policies

• Security measures: Organizational, procedural, physical, technical and logical aspects

• Legislation and regulations: Its importance and compliancy implications

• Design and implementation of the ISMS according to the ISO27001 standard

• Certification of the ISMS according to the ISO27001 standard

Duration:The Information Security Foundation based on ISO27002 is a three-day course that prepares participants for the ISO27002 certified exam (optional), which is an integral part of the course’s curriculum.

®

RegisteredEducationProvider

ProjectManagementInstitute

KEDAR Information Technologies, Inc.

w w w . K E D A R i t . c o m

Target AudienceThis is an introductory course for everyone in an organization who is involved with the information management lifecycle. The module is also suitable for small independent businesses for which some basic knowledge of information security is necessary. This module may be a good start for new information security professionals.

PrerequisitesNone

CertificationThis course prepares the participant for the official exam and to obtain the ISO27002 Foundation Certificate.

Curriculum• Information and security

• Threats and risks

• Approach and organization

• Measures

• Legislation and regulations

Course OutlineInformation Security Management

• Security standards and best practices

• An overview of the ISO27002:2005 standard

• Information and security concepts

The Security Process

• Objectives

• Activities: Risk analysis and management.

• Control implementation: Physical measures, technical measures and organizational measures

• Legislation and regulations

ISO27001: Design and Implementation

• The Information Security Management System

• Establishing the scope

• Documentation requirements

• ISMS implementation

• The certification process

Exam

Number of Participants6-16 students

About KEDARit: KEDARit is a premier training organization that offers a full range of IT best practice training courses designed to meet the needs of business and technology leaders responsible for IT Service Management. We have trained over 6000 IT Professionals over the last 10 years and our courses and workshops are designed by business and technology management professionals with many years of proven, operational experience, and certifications in their respective fields.

The key to success for our clients in today’s complex business and IT environment is the ability to:

• Reduce cost,• Improve delivery of IT services,• Scale spending to meet business

objectives, and• Achieve greater proactive problem

management and resolution.

Courses are offered either through scheduled public open-enrollment dates and cities, or through personalized on-site course delivery. Personalized on-site course delivery is for companies that want to have our instructors apply lecture materials to their unique business challenges, so their leaders can focus on solutions and consensus about solutions during the course.

Our instructor staff delivers the highest quality training materials and instruction available. The situation-based format enhances learning and allows attendees to effectively apply their knowledge to the materials.

Our KEDARit Solutions “KITS” enable clients to achieve and sustain greater lean business and technology management.

© Copyright 2012 by KEDAR Information Technologies, Inc. All rights reserved.R.E.P.® is a registered service and membership mark of Project Management Institute, Inc.

PMI® is a registered trade and service mark of Project Management Institute, Inc.

This course may be delivered as part of our public class schedule at one of our facilities, as an onsite private class at your facility, or through our virtual classroom. Customization provides the opportunity to design a tailored training program that supports the organization most effectively

while still getting the benefits of Technical & Industry Best Practices training. Our training experts will work closely with you to develop a training program

based on your organization’s needs. To inquire about fees and your delivery options please email us at

registrar@KEDARit.com or call us at 1-972-317-3577