Implementing Isms From Scratch (Iso 27001 Lead Implementer)

Information Security Management System

What you'll learn

Building an effective ISMS from scratch, information security governance

Information Security Risk Management - From risk identification till its mitigation

Information Security Compliance- To comply with IT (Security) laws and regulations

Creating information security policies from scratch

Thinking from auditors point of view while building an ISMS

Requirements

Basic Understanding of IT

Good to have but not mandatory, skills/experience in one or more domains like Network Security, IAM topics, Cloud & Security, Software Security, Penetration testing, etc

Description

Welcome to the Course!In this comprehensive program, you will learn how to build an Information Security Management System (ISMS) from the scratch, using ISO 27001  as the foundational standard. Every clause of ISO 27001 is thoroughly explained to ensure a deep understanding. This course is designed to provide pure knowledge and practical insights.Unlike traditional courses that rely solely on slide presentations, this course incorporates a real-time online whiteboard to explain concepts dynamically. Additionally, you will see partial or whole creation of critical ISMS documentation  live during the lessons—these documents are essential to implementing an effective ISMS.Key topics covered include:End-to-end coverage of the ISO 27001 standard to build an ISMS from scratchGovernance in Information SecurityRisk Management, including Third Party Risk ManagementCompliance requirements for Information SecurityHow to develop an Information Security Policy from scratch, with examples and practical live demonstrationInsights on how to approach ISMS implementation from an auditor’s perspectiveAll documents created during the course videos are provided within the relevant sections and lectures for easy reference and download.Recommendations: 1. Please watch the entire course before beginning ISMS implementation in your organization to ensure a solid foundation.2. For better sound quality, please use earphones while watching the videos.

Overview

Section 1: Introduction and Course basics

Lecture 1 Introduction about myself and the course

Lecture 2 Basics terms and definitions

Lecture 3 Information about ISO 27001 Certification

Lecture 4 ISO 27001 Standard and ISO 27002 Control Guidelines (document walkthrough)

Section 2: Clause 4 of ISO 27001 Standard

Lecture 5 Clause 4.1

Lecture 6 Clause 4.2 - Part 1

Lecture 7 Clause 4.2 - Part 2

Lecture 8 Clause 4.3

Lecture 9 Clause 4.4

Section 3: Clause 5 of ISO 27001 Standard

Lecture 10 How to create/write a policy of Information Security

Lecture 11 Concept of a process / procedure

Lecture 12 More information about Controls

Lecture 13 Clause 5.1

Lecture 14 Clause 5.2

Lecture 15 Clause 5.3

Lecture 16 Reading/understanding Annex A controls; Logging and Monitoring Policy

Section 4: Risk Management - Important for Clause 6 and Clause 8 of ISO 27001 Standard

Lecture 17 Introduction - Risk Management

Lecture 18 Defining Criticality of Information/Data types

Lecture 19 Third Party Risk Management - Part 1

Lecture 20 Third Party Risk Management - Part 2

Lecture 21 Third Party Risk Management - Part 3

Lecture 22 Risk Management for Organizational Processes

Lecture 23 Statement of Applicability (SOA)

Section 5: Clause 6 of ISO 27001 Standard

Lecture 24 Clause 6.1.1

Lecture 25 Clause 6.1.2 and Clause 6.1.3

Lecture 26 Clause 6.2

Lecture 27 Clause 6.3

Section 6: Clause 8 of ISO 27001 Standard

Lecture 28 Risk Register and whole Clause 9

Section 7: Clause 7 of ISO 27001 Standard

Lecture 29 Clause 7.1

Lecture 30 Clause 7.2

Lecture 31 Clause 7.3

Lecture 32 Clause 7.4

Lecture 33 Clause 7.5 - Part 1

Lecture 34 Clause 7.5- Part 2

Section 8: Clause 9.1, 9.2 of ISO 27001 Standard

Lecture 35 Clause 9.1 (KPIs)

Lecture 36 Clause 9.2 (Internal Audit)

Section 9: Clause 10 and 9.3 of ISO 27001 Standard

Lecture 37 Clause 10

Lecture 38 Clause 9.3

Section 10: How to comply to a Law or Regulation

Lecture 39 How to comply to a Law or Regulation

Section 11: Summary of ISMS implementation

Lecture 40 Summary of ISMS implementation

Beginners & experienced professionals in Information Security GRC (Governance, Risk, Compliance) domain,IT Experts,SOC Engineers/Analysts/Professionals (Any position),Professionals working in Cybersecurity/ IT Security (Any position)