fbpx

PECB Certified ISO 27001 Lead Implementer (inglise keeles)

Koolituse maht: 32 akadeemilist tundi (4 päeva).

Sihtgrupp:

  • infoturbe juhid
  • asutuste ja ettevõtete tippjuhid, keskastme juhid
  • spetsialistid, kellel on vaja välja töötada infoturbe protsesse
  • IT-üksuse töötajad, juhid, spetsialistid
  • elutähtsa teenuse osutajad, kvaliteedikontrolli töötajad

Koolitusel osalemise eeldused (soovitavalt): varasem praktiline kokkupuude talitluspidevuse korraldamisega või auditeerimisega.

Koolituse kirjeldus

Infoturbe juhtimise koolitus võimaldab osalejatel saada põhiteadmised ja oskused infoturbe juhtimissüsteemi (Information Security Management System – ISMS) väljatöötamiseks ja rakendamiseks vastavalt rahvusvahelisele ISO/IEC 27001 standardile. Osalejad saavad hea ülevaate infoturbe protsesside planeerimisest ning juurutamisest. Läbi praktiliste harjutuste ja juhtumianalüüside omandavad osalejad kogemuse infoturbe edukaks juhtimiseks ning tulemuste kommunikeerimiseks.

Koolitusele järgneval päeval on võimalik sooritada rahvusvaheline sertifikaadieksam (inglise keeles). Positiivse eksamitulemuse olemasolul ja töökogemuse tingimuste täitmisel on osalejatel võimalik omandada rahvusvaheliselt tunnustatud „PECB Certified ISO/IEC 27001 Lead Implementer“ sertifikaat.

Koolitaja: PhD Andro Kull, certified ISO 27001 Lead Implementer

Koolituse teemad

  • Day 1
    • Introduction to ISO/IEC 27001 and initiation of an ISMS
    • Course objectives and structure
    • Standards and regulatory frameworks
    • Information Security Management System (ISMS)
    • Fundamental principles of Information Security Management Systems
    • Initiating the implementation of an ISMS
    • Understanding the organization and clarifying the Information Security objectives
    • Analysis of the existing management system
  • Day 2
    • Plan the implementation of an ISMS
    • Leadership and approval of the ISMS project
    • ISMS scope
    • Information Security policies
    • Risk assessment
    • Statement of Applicability and top management`s decision to implement the ISMS
    • Definition of the organizational structure of Information Security
  • Day 3
    • Implementation of an ISMS
    • Definition of the document management process
    • Design of security controls and drafting of specific policies & procedures
    • Communication plan
    • Training and awareness plan
    • Implementation of security controls
    • Incident Management
    • Operations Management
  • Day 4
    • ISMS monitoring, measurement, continuous improvement and preparation
      for a certification audit
    • Monitoring, measurement, analysis and evaluation
    • Internal audit
    • Management review
    • Treatment of non-conformities
    • Continual improvement
    • Preparing for the certification audit
    • Competence and evaluation of implementers
    • Closing the training

Koolituse õpiväljundid

Koolituse edukal läbimisel osaleja:

  • acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks;
  • master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS;
  • learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization;
  • learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS;
  • acquire the expertise to advise an organization in implementing Information Security;
  • management System best practices.

 

Koolitushind sisaldab:

  • koolitust;
  • õppematerjale osaleja valikul kas digitaalselt (pdf);
  • eksamivautšerit;
  • koolitaja konsultatsiooni õpitud teemade kohta e-posti teel pärast koolitust;
  • tunnistust koolitusel osalemise kohta.

Lisaks pakume:

  • vajadusel tasuta korduskoolitust kui tunned, et mõni oskus vajab täiendamist või pidid endast mittesõltuvatel põhjustel koolituse katkestama;
  • sooje jooke koos küpsistega.

 

Täienduskoolituse õppekavarühm: informatsiooni- ja kommunikatsioonitehnoloogia interdistsiplinaarne õppekavarühm

Tags:

Kuupäev

13.juuli 2020 - 16.juuli 2020

Kellaaeg

4 päeva
09:00 - 16:30

Hind

1980€ +km

Asukoht

Lõõtsa 5, Tallinn
või veebi teel osaledes

Koolitaja

  • Andro Kull
    Andro Kull

    Andro Kull during his career, has worked in both sectors, public and private. In the previous years he has worked for the financial sector with regards to IT and information security, and for the energy sector with regards to IT risks, where security and continuity demands are very high. Kull started his career as IT specialist and IT manager, and has worked extensively as IT auditor and as IT risk manager for one of the largest company in Estonia. At the same time, he founded a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning (BC), planning for recovery (DR), and crisis management mostly in public sector organizations.

    The international environment is not new to Andro Kull, since he has participated in the European Central Bank internet payment security working group. Kull has been cooperating with the IT banking supervisors on an international level. Furthermore, he has organized one international conference in Tallinn. In addition, he has worked for European Union DG Connect as advisor connected with IT risk management recommendations development.

    Andro Kull holds a PhD degree from the University of Tampere, concentrating on the IT oversight and compliance verification methodologies, and he currently is lecturing IT risk and information security management issues at the University of Tallinn.