PECB Certified ISO 27001 Transition
Training duration: 16 ac h (2 days).
Target audience:
Individuals seeking to remain up-to-date with ISO/IEC 27001 requirements for an ISMS
Individuals seeking to understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022 requirements
Individuals responsible for transitioning an ISMS from ISO/IEC 27001:2013 to ISO/IEC 27001:2022
Managers, trainers, and consultants involved in maintaining an ISMS
Professionals wishing to update their ISO/IEC 27001 certificates
Prerequisites: earlier practical exposure in auditing
Contents of this training
Become acquainted with the differences between ISO/IEC 27001:2013 and
ISO/IEC 27001:2022
The new version of ISO/IEC 27001 has been recently published and is now aligned with the new version of ISO/IEC 27002,
which was published in February, 2022. The major changes between ISO/IEC 27001:2022 and ISO/IEC 27001:2013 are noticed
in the information security controls of Annex A, whereas a few other minor changes are present in the clauses of the standard
too. Furthermore, the title of ISO/IEC 27001:2022 differs from the title of ISO/IEC 27001:2013, as now the standard is titled
Information security, cybersecurity and privacy protection — Information security management systems — Requirements.
The “PECB ISO/IEC 27001 Transition” training course provides detailed information on the revised clauses, the new terminology,
and the differences in the controls of Annex A. Additionally, this training course provides participants with the necessary
knowledge to support organizations in planning and implementing the changes in their ISMS to ensure conformity with ISO/IEC
27001:2022. As such, you will be able to participate in projects to transition from an ISMS based on ISO/IEC 27001:2013 to an
ISMS based on ISO/IEC 27001:2022.
Once you become acquainted with the new concepts and requirements of ISO/IEC 27001:2022 by attending the training course,
you can sit for the exam, and if you successfully pass it, you can apply for the “PECB Certified ISO/IEC 27001 Transition” credential.
This certificate will prove that you have up-to-date knowledge and professional capabilities to successfully update an ISMS based
on the requirements of ISO/IEC 27001:2022.
Specific course content will include
- Day 1
- Training course objectives and structure
- Standards and regulatory frameworks
- Overview of the changes between ISO/IEC 27001:2013
and ISO/IEC 27001:2022 - Changes in clauses 4 to 10 of ISO/IEC 27001
- Day 2
- Annex A — Organizational controls
- Annex A — People controls
- Annex A — Physical controls
- Annex A — Technological controls
- Closing of the training course
Intended outcome
Learning objectives:
- Explain the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022
- Interpret the new concepts and requirements of ISO/IEC 27001:2022
- Plan and implement the necessary changes to an existing ISMS in accordance with ISO/IEC 27001:2022
Price includes:
- training;
- certification exam voucher;
- course materials;
- certification of attendance the course.
Continuing Education Curriculum Group: Interdisciplinary Information and Communication Technology Curriculum Group
Trainer
-
Andro Kull
Andro Kull during his career, has worked in both sectors, public and private. In the previous years he has worked for the financial sector with regards to IT and information security, and for the energy sector with regards to IT risks, where security and continuity demands are very high. Kull started his career as IT specialist and IT manager, and has worked extensively as IT auditor and as IT risk manager for one of the largest company in Estonia. At the same time, he founded a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning (BC), planning for recovery (DR), and crisis management mostly in public sector organizations.
The international environment is not new to Andro Kull, since he has participated in the European Central Bank internet payment security working group. Kull has been cooperating with the IT banking supervisors on an international level. Furthermore, he has organized one international conference in Tallinn. In addition, he has worked for European Union DG Connect as advisor connected with IT risk management recommendations development.
Andro Kull holds a PhD degree from the University of Tampere, concentrating on the IT oversight and compliance verification methodologies, and he currently is lecturing IT risk and information security management issues at the University of Tallinn.