ISO/IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEM BASIC TRAINING

Recent high-level information security breaches and the value of information emphasize the growing need for companies to protect their information. The Information Security Management System (ISMS) is a controlled administrative approach to keeping sensitive company information secure. It covers people, processes and Information Management Security Systems.

This training is given to the staff who will be directly involved in the standardization activities. They are selected from the information processing staff who carry out the institution's information processing activities, and the training takes place at the beginning of the work to implement the requirements of the ISO/IEC 27001 Information Technology -- Security Techniques -- Information Security Management Systems – Requirements Standard in institutions and organizations.

The purpose of this course is to provide the participants with the skills necessary for an ISMS application that meets the requirements of ISO 27002 and meets the certification criteria of ISO 27001: 2013. This course offers a framework to participants.

ISO / IEC 27002 APPLICATION TRAINING:

Information security is very important for you and your customers. This course is a comprehensive day-to-day training on International Standard for Information Security Management (ISO 27001: 2013) that deeply scrutinizes all commercial aspects.

The scope of the training includes the essential requirements of the ISO / IEC 27001 Standard and, for each of the requirements specified in Annex A of the ISO / IEC 27001 Standard, the practical applications explained in ISO / IEC 27002 Information Technologies - Security Techniques - Practical Practices for Information Security Management.

Participants will learn about:

  • Information security,
  • The purpose of the standard,
  • Control objectives and controls,
  • The importance of basic controls,
  • The effects of implementing ISO 27001: 2013 on an organization,
  • The effects of documentation and commercial pressures,
  • Penalties for non-compliance.

IRCA APPROVED ISO / IEC 27001 INTERNAL AUDITOR TRAINING:

It is a two-day training for personnel who will audit in accordance with the ISO / IEC 27001 Standard.

ISO/IEC 27005 RISK EVALUATION TRAINING:

According to the ISO/IEC 27001 standard, it is the first step in the systematic approach to defining and establishing risk assessment.

The organization has to define a risk assessment methodology that is consistent with its defined business information security, legal and regulatory requirements. In this way, criteria for accepting risks and for acceptable risk levels are developed.

INFORMATION SECURITY AWARENESS TRAINING:

It is a two-hour training provided to all employees of institutions, either as part of the implementation consultancy for the ISO/IEC 27001 Information Security Management System or where required.

Within the scope of the training, information is given about the rules that all employees should obey in order to ensure continued compliance with information security standards in institutions.

INFORMATION SECURITY MANAGEMENT TRAINING FOR TOP MANAGEMENT OF INSTITUTIONS:

It is a two-hour training to inform, direct and raise awareness of senior management on information security.

BS 10012 – PERSONAL DATA PROTECTION STANDARD TRAINING FOR PERSONAL INFORMATION MANAGEMENT SYSTEM:

It provides information on the requirements for implementing the BS 10012 Standard, which is established to ensure the confidentiality, integrity and accessibility of personal information stored/operated at the organization.

Data protection and security issues are becoming increasingly critical for organizations. To this end, Personal Information Management Systems (PIMS) are established in institutions. BS 10012 sets standards for these systems.

The scope of BS 10012 is the establishment of PIMS principles, the inclusion of PIMS in institutional culture and the provision of conformity.

If you are going to be a Registered Electronic Postal Service Provider (REPSP), you must have the BS 10012 standard. Another standard mandated by the Directive is ISO/IEC 27031.

ISO/IEC 27799 HEALTH INFORMATICS -- INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 STANDARD TRAINING:

This training provides information about the requirements of the ISO/IEC 27799 standard, which is established to ensure the confidentiality, integrity and accessibility of personal health information stored/processed in the health sector and to ensure compliance with the standards for the exchange of health information between institutions and countries.

ISO/IEC 27011 INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR TELECOMMUNICATIONS ORGANIZATIONS STANDARD TRAINING:

This training covers the requirements of the ISO/IEC 27011 Standard, with the aim of ensuring the continuity of the confidentiality, integrity and accessibility of the information stored/processed, especially in telecommunications.

ISO/IEC 27019 INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- INFORMATION SECURITY MANAGEMENT GUIDELINES BASED ON ISO/IEC 27002 FOR PROCESS CONTROL SYSTEMS SPECIFIC TO THE ENERGY UTILITY INDUSTRY STANDARD TRAINING:

This training provides information on the requirements of the ISO / IEC 27019 Standard, taking into account the security measures to be taken in the energy sector in order to ensure the continuity of the confidentiality, integrity and accessibility of information stored in the sector.

ISO/IEC 27031 INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- GUIDELINES FOR INFORMATION AND COMMUNICATION TECHNOLOGY READINESS FOR BUSINESS CONTINUITY STANDARD AWARENESS TRAINING:

It gives participants a comprehensive understanding of Business Continuity Management (BCM) and the new ISO/IEC 27031 standard issued by the BSI. In this one-day training, practical exercises and instructor-led discussions give students a sense of the conditions required to initiate a 27031 practice project and enable them to direct their companies toward a decision on 27031 and a business continuity management system.

This training gives information about the requirements of the ISO/IEC 27031 Standard, which determines all activities and measures that should be fulfilled in order to ensure business continuity, considering the dependency on information technologies in all sectors.

The ISO/IEC 27031: 2011 standard, published in March 2011, includes the requirements for ensuring the business continuity of institutions. The content and purpose of this standard are:

  • To propose processes and architectures to provide business continuity to private sector or state institutions,
  • To support the ISMS (Information Security Management System) in the institutions and to describe the requirements for design and implementation, taking into account performance criteria. The purpose of these definitions is again business continuity. There are only security-related standards.
  • To increase the resistance of the organization against disasters and to be prepared for continuity, security and disasters.

Organizations that have the following certifications are in fact also covered by this standard. We can say that the standards are complementary to each other:

  • ISO/IEC 27001,
  • ISO 2239PAS,
  • ISO 23301.

COMPUTER FORENSIC TRAINING:

The computer forensics training covers contemporary technologies and methods, and is delivered mostly through practical applications that support and reinforce the theoretical knowledge. It covers the processes of reporting on the validity of the evidence obtained during the review, without any deterioration or alteration, and submitting it to judicial authorities. The training is provided by trainers with internationally recognized certification.