Duration: 2 days
Dates: April 29, 2019
Programme Director: Prof. Sudeep S.
Fees: Rs. 16,000 (Non-Residential), Rs. 28,000 (Residential) Plus GST @18%
"Information Security" is the main buzz word among CEOs, CIOs, IT Managers, Employees and other stakeholders of any Company right now. With increasing reliance on Information Technology for the conduct of business, every Company is very much concerned with the - Confidentiality, Integrity and Availability" of “Information” it handles. Systematic management of information requires implementation of a proper Information Security Management System (ISMS) in an organization. The ISO/IEC 27001:2013 Standard brought out by International Organization for Standardization in the year 2013 provides a robust framework for implementing ISMS in an organization. Implementing world-class ISMS in the organization, and get it certified are definitely a competitive advantage. This course is designed for an information security specialist or IT professionals who are looking for the details of the ISO/IEC 27001:2013 and a how-to guide for implementing ISMS effectively.
Learning the skills to become a successful ISO 27001:2013 implementation specialist is not an easy task for a person with no prior knowledge of ISMS or ISO implementation process. The focus of this course is to introduce this complex topic by adopting the “learning-by-doing” pedagogy. The participants are encouraged to learn the practical aspects of ISO 27001:2013 implementation process by involving them in solving a series of “hands-on” assignments. By adopting this approach, the participants could pick-up lot of practical knowledge and useful insights which they could apply during their ISMS implementation process.
|1||The Importance of Information Security Introduction to Information Security Management System|
|2||Requirements of a Formal ISMS and Establishing a Management Framework Dissecting ISO/IEC 27001 Security Controls|
|3||Determination of Scope of Information Security Management System Identification & Classification of Information Assets|
|4||Determination of Values of Information Assets Identification, Assessment and Treatment of Risks|
|5||Determination of Policies & the Degree of Assurance Required from Controls Select Appropriate ISO/IEC 27001 Control Objectives|
|6||Development of Relevant Polices, Standards & Procedures Implementation of Policies, Standards and Procedures Completion of ISMS Documentation Requirements|
|7||Audit and Review of ISMS|
|8||Course Review & Exam|
Dr.Sudeep has fifteen years of experience in Information Technology & Management training domain. He has more than seven years of experience in teaching post graduate management students. He has held position of Professor & HOD (IT & IB) at MES-Advanced Institute of Management and Technology, Marampally, Aluva and Associate Professor at Mar Thoma School of Management Studies, Edachira, Kakkanad. He started his career as a software developer and specialized in Java Technology. He was involved in the design and implementation of a number of software projects, both domestic and off-shore. Later on, he turned his focus on providing Information Security consulting. His current consulting work area involves design, implementation and auditing of Information Security Management Systems for leading companies. He has been part of ISMS implementation or auditing projects of some of the major Financial, Software and other sectors companies.
He holds graduate degree in Physics (B.Sc.) from M.G Universtiy,Kottayam, post graduate degree in Management (Master of International Business) from School of Management Studies,Cochin University of Science & Technology,Cochin and Ph.D in Management from Cochin University of Science & Technology,Cochin. He is a Certified Information Systems Auditor (CISA), ISACA, ISO 27001:2013 Lead Auditor (IQ Management Systems, UK) & Business Professional Programmer (DOEACC “O"-Level). He is a Lead Trainer for IRCA approved ISO 27001:2013 Lead Auditor course offered by IQ Management Systems, UK. He has conducted a number of workshops & training courses on Information Security area for corporates and individuals. He has published articles on information security related areas in leading journals & has presented papers on National Seminars.
He is a member Association for Computing Machinery (ACM, US) & Information Systems Audit and Control Association (ISACA, US). He is an active member of ISACA Cochin Chapter and had held many Board positions including the post of Vice President. He is a regular faculty for CISA Review Course conducted by ISACA Cochin Chapter. He was awarded with "Senior Member" grade by ACM, US in August 2009 for his professional & academic achievements in the field of information technology.
FORE School of Management has been designing, developing and conducting innovative Executive Education (EE)/ Management Development Programmes (MDPs) for working executives in India for over three decades.