IP3 is partnering with Veridion to provide the best certified and professionally registered educational programs to enable you and your firm to achieve the world standard of Information Security Management.

Created in 2005, Veridion specializes in training and audit services (ISO 27001, ISO 27002 and others) related to compliance and information security. Veridion offers courses in several languages around the world: global vision with a local approach.

As a leader in training and audit services (ISO 27001, ISO 27002 and others), in the compliance and information security field, Veridion nurtures close relationships with its clients thanks to its network of global partners. Through this network, Veridion delivers the best combination of value and know-how to their clients, meeting their needs with an insightful mix of local partnerships and international service options.

ISO 27001 Senior Management for Senior Management (1 Day)

This workshop allows senior management members of an organization to understand the implementation of an information security management system framework based on ISO 27001 from a strategic point of view as well as its implications at the corporate governance level. Based on the main legal, regulatory, contract and normative issues facing companies, the workshop introduces the ISO 27001 prerequisites as well as the different stages of its implementation: risk management, risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to audit certification.

ISO 27001 - ISMS Lead Auditor (5 days)

This five-day intensive course enables participants to develop the expertise needed to audit an Information Security Management System (ISO 27001) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During the training, the participant will acquire the knowledge needed to plan and perform audits compliant with the certification process of standard 27001:2005. Based on practical exercises, the participant will be able to develop the abilities (mastering audit techniques) and skills (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to the conduct of an audit.

The training is based on management system audit guidelines (ISO 19011:2002) as well as international audit best practices: the International Federation of Accountants (IFAC), the American Institute of Certified Public Accountants (AICPA), the Information Systems Audit and Control Association (ISACA) and the Institute of Internal Auditor (IIA). An audit kit developed by experienced auditors will be distributed to participants.

ISO 27001 - ISMS Lead Implementer (5 days)

This five-day intensive course enables the participants to develop an expertise to support an organization in implementing and managing an Information Security Management System as specified in ISO 27001:2005: risk management (based on ISO 27005), risk management plan, implementation, surveillance, re-examination and operation of an ISMS, continuous improvement of information security, management’s commitment, follow-up and review as well as an introduction to ISO 27001 audit certification.

In addition, the participant will be able to become proficient in the best practices in the implementation of information security control measures based on the eleven (11) ISO 27002 domains: security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management, business continuity management and compliance.

This training focused on practice falls in line with best practices in project management based on the Project Management Institute (PMI) and the International Project Management Association (IPMA) as well as the ISO 10006 standard, "Quality Control Project Management Guidelines." It is fully compatible with the future ISO 27003 standard (guidelines for the implementation of an ISMS) and ISO 27004 (ISMS measures).