Preparing Your Organization for ISO 27001:2013 Compliance/Certification

ISO/IEC 27001 is an international standard for information security. Companies around the world implement the standard to demonstrate to customers that they meet a strong level of security. This course will guide you through the process of certification.
Course info
Rating
(22)
Level
Intermediate
Updated
Jan 10, 2020
Duration
4h 13m
Table of contents
Course Overview
ISO/IEC 27001 Fundamentals of the Standard
A.8 Asset Management
Risk Management
A.5 Information Security Policies
A.6 Organization of Information Security
A.7 Human Resource Security
A.9 Access Control
A.10 Cryptography
A.11 Physical and Environmental Security
A.12 Operations Security
A.13 Communications Security
A.14 System Acquisition, Development and Maintenance
A.15 Supplier Relationships
A.16 Information Security Incident Management
A.17 Information Security Aspects of Business Continuity Management
A.18 Compliance
Certification Preparations
Description

ISO/IEC 27001 is one of the top globally recognized information security standards in the world. In this course, Preparing Your Organization for ISO 27001:2013 Compliance/Certification, you will learn what it takes to prepare your organization for the certification process. First, you will walk through the fundamental pieces that must be in place to start the process. Next, you will go through each domain in Annex A to understand what an auditor is looking for from your organization if you choose to implement that control. Finally, you will cover the remaining certification preparations as well as the ongoing work required to remain in compliance. When you have finished this course, you will understand the process required to become certified.

About the author

Mike is an information security manager who has worked in the IT field for 17+ years. The focus of Mike's career now centers on pentesting and risk assessments. He is an active member of the infosec community and attends or speaks at various conferences.

More from the author
Section Introduction Transcripts

Course Overview
Hi, everyone. My name is Mike Ward, and welcome to my course, Preparing Your Organization for ISO 27001:2013 Compliance and Certification. I am a risk and compliance manager at a global organization with ISO 27001 implemented across offices around the world, as well as a certified ISMS lead implementer. 27001 is one of the top globally recognised information security standards in the world. And with new data privacy legislation being passed daily, it will continue to gain popularity as organizations look for how to be in conformity with new laws and best practices. This course is not a regurgitation of the standard, but rather a complement to it, and walks you through an overview of the process to be certified. It then steps through each of the clauses and controls in the annex of the standard and gives you guidance on what the auditor is looking for, so you can focus on what is important and streamline your preparation process. Some of the major topics that we'll cover include developing the ISMS manual, conducting risk assessments in your business, and setting a scope and statement of applicability. Then we'll walk through all 14 security control clauses and touch on the 114 controls in the annex. By the end of this course, you should have a better understanding of the process to be certified and the work involved in getting there. Certification is not an overnight process and, depending on the size of the organization and scope involved, could take weeks, months, or even a year to prepare. Sit back, grab a copy of the standard, and get ready to fill your notebook with the amazing advice you will receive in this course, Preparing Your Organization for ISO 27001:2013 Compliance and Certification, here at Pluralsight.