ISO 27001 Training

IP3 is partnering with Veridion to provide the best certified and professionally registered educational programs to enable you and your firm to achieve the world standard of Information Security Management.

Created in 2005, Veridion specializes in training and audit services (ISO 27001, ISO 27002 and others) related to compliance and information security. Veridion offers courses in several languages around the world: global vision with a local approach.

As a leader in training and audit services (ISO 27001, ISO 27002 and others), in the compliance and information security field, Veridion nurtures close relationships with its clients thanks to its network of global partners. Through this network, Veridion delivers the best combination of value and know-how to their clients, meeting their needs with an insightful mix of local partnerships and international service options.

ISO 27001 Senior Management for Senior Management (1 Day)

This workshop allows senior management members of an organization to understand the implementation of an information security management system framework based on ISO 27001 from a strategic point of view as well as its implications at the corporate governance level. Based on the main legal, regulatory, contract and normative issues facing companies, the workshop introduces the ISO 27001 prerequisites as well as the different stages of its implementation: risk management, risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to audit certification.

ISO 27001 - ISMS Lead Auditor (5 days)

This five-day intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit.

The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.

ISO 27001 - ISMS Lead Implementer (5 days)

This five-day intensive course enables the participants to develop an expertise to support an organization in implementing and managing an Information Security Management System as specified in ISO 27001:2005: risk management (based on ISO 27005), risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to ISO 27001 audit certification.

In addition, the participant will be able to become proficient in the best practices in the implementation of information security control measures based on the eleven (11) ISO 27002 domains: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management and compliance.

This training focused on practice falls in line with best practices in project management based on the Project Management Institute (PMI) and the International Project Management Association (IPMA) as well as the ISO 10006 standard, "Quality Control Project Management Guidelines." It is fully compatible with the future ISO 27003 standard (guidelines for the implementation of an ISMS) and ISO 27004 (ISMS measures).

ISO 27001 Senior Management for Senior Management (1 Day)

This workshop allows senior management members of an organization to understand the implementation of an information security management system framework based on ISO 27001 from a strategic point of view as well as its implications at the corporate governance level. Based on the main legal, regulatory, contract and normative issues facing companies, the workshop introduces the ISO 27001 prerequisites as well as the different stages of its implementation: risk management, risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to audit certification.

The ISMS Lead Auditor Course (5 Days)

This five-day intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit.

The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.

Learning objectives:

• Understanding the application of the information security management system in the ISO 2701:2005 context.
• Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
• Understanding audit principles, procedures and techniques, and being able to apply them in an ISO 27001 audit framework.
• Understanding the legal, statutory, regulatory or contract obligations relevant during an ISMS audit.
• Acquiring the personal skills required to perform an audit in an effective and cost-effective manner, and managing an audit team.
• Preparing and completing an audit report ISO 27001.

Who should participate?

• Person wanting to lead ISO 27001 certification audits as the person in charge of an audit team.
• Consultant wanting to prepare and support a company in an audit certification ISO 27001.
• Internal advisor to a company or internal auditor who wants to prepare and support his company in a certification audit ISO 27001.
• Person in charge of information security or conformity internally for the organization.
• Expert advisor in information technology.

Course details:

Prerequisites

ISMS Foundation training or a basic knowledge of ISO 27001 and ISO 27002 standards is recommended.

Examination and Certification

• The ISMS exam - ISO 27001 Lead Auditor is certified by RABQSA and meets the "RABQSA Training Provider Examination Certification Scheme" (TPECS) criteria and covers the competency unit:
  • RABQSA - IS (information security)
  • RABQSA - AU (Audit Techniques)
  • RABQSA - TL (Techniques for Lead Auditor)
• ISMS exam - ISO 27001 Lead Auditor is available in English, French or Spanish.
• Duration of the exam: 3 hours
• A certificate will be issued to participants who successfully complete the exam.
• After the training, the participant can apply for the title of ISO 27001 provisional auditor, ISO 27001 auditor, ISO 27001 principal auditor or ISO 27001 lead auditor depending on their experience.
• The certificate for the successful completion of the RABQSA exam is recognized by IRCA and meets the IRCA/2016 certification criteria. A participant can register as IRCA or RABQSA auditor.

General Information

• A copy of ISO 27001 standard is distributed to participants.
• A 35 CPE (continuing professional education) participation certificate will be issued to participants.
• An audit toolkit as well as a student manual containing over 400 pages of information and practical examples will be distributed to participants.

The ISMS Lead Implementer Course (5 Days)

This five-day intensive course enables the participants to develop an expertise to support an organization in implementing and managing an Information Security Management System as specified in ISO 27001:2005: risk management (based on ISO 27005), risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to ISO 27001 audit certification.

In addition, the participant will be able to become proficient in the best practices in the implementation of information security control measures based on the eleven (11) ISO 27002 domains: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management and compliance.

This training focused on practice falls in line with best practices in project management based on the Project Management Institute (PMI) and the International Project Management Association (IPMA) as well as the ISO 10006 standard, "Quality Control Project Management Guidelines." It is fully compatible with the future ISO 27003 standard (guidelines for the implementation of an ISMS) and ISO 27004 (ISMS measures).

Learning Objectives

• Understanding the application of an information security management system in the ISO 2701:2005 context.
• Understanding the relationship between the information security management system, including the management of risks and controls, and the various stakeholders.
• Acquiring the expertise to support an organization in implementing, managing and maintaining an ISMS as specified ISO 27001.
• Acquiring the personal skills and knowledge necessary to advise an organization on the best practices in information security management.

Who Should Participate?

• Project manager or consultant wanting to support an organization in the implementation of an ISMS.
• ISO 27001 auditor who wants to master the ISMS implementation process.
• Person responsible for the information security or conformity in an organization.
• Information security team member.
• Expert advisor in information technology.
  

Course Details

Prerequisites

• ISMS Foundation training or a basic knowledge of ISO 27001 and ISO 27002 standards is recommended.
  

Examination and Certification RABQSA

• The ISMS exam - ISO 27001 Lead Implementer is certified by RABQSA and meets the "RABQSA Training Provider Examination Certification Scheme" (TPECS) criteria and covers the following competency units:
• RABQSA - IS (Information Security)
• RABQSA - OI (organization improvement)
• RABQSA - MC (management counsel)
• ISMS exam - ISO 27001 Lead Implementer is available in English or French.
• Duration of the exam: 3 hours
• A certificate will be issued to participants who successfully complete the exam.

General Information

• A copy of ISO 27001 standard is distributed to participants.
• A 35 CPE (continuing professional education) participation certificate will be issued to participants.
• An ISMS implementation toolkit as well as a student manual containing over 300 pages of information and practical examples will be distributed to participants.

info

What Others Are Saying...

"The class you taught help fill in some gaps and also identify others. This helped me focus in on my weaknesses enough to pass.

Thanks for all your effort."

Steven R.  CISSP Bootcamp, Oakland, CA

"I passed the exam. Thank you IP3

I wanted to tell you that i think IP3 training bootcamp and online access is the BEST ROI for any professional looking for material and information in preparation for the CISSP exam. Thank you for everything! The videos, pdfs, everything is great. I passed the exam on June 28. Good luck to everyone!"

Christian R. , Information Security Administrator, Basking Ridge, NJ

"Just wanted to drop a note.  I took the class back in November, and finally got around to taking the exam a couple weeks ago.  I found the exam to be one of the hardest tests I have taken based on the layout and wording.  The learning and preparation as well as the extra helpers, audios, study tips paid off in the long run.  I passed.

I have recommended the training to others, and will continue to do so.

Thanks again!"

David C. Taschner, Manager Engineering Systems BAE