ISO 27001:2013 – Information Security Management System



Learn about ISO 27001:2013 ISMS Overview & Controls. You can do it!

What you will learn

 

ISO 27001 Overview

ISO 27001 Annex A Controls

ISO 27002 Clause 6.2 Teleworking Overview

ISO 27002 Clause 8 Asset Management Overview

ISO 27002 Clause 13 Communication Security Overview

Understand the need for Network Security

Understand Segregation of Network Services

Familiarize yourself with common Network Attacks

Understand different Control Types

Understand what a defensive strategy may comprise of

Understand the security of Information Transfer

Understand policies and procedures related to electronic messgeing

Understand the need for Agreements of Information Transfer & Confidentiality and NDA Agreements

Description

 

This course is about ISO 27001:2013. The lecture style is presentation-with-voiceover. Firstly, I’ll be explaining an overview of the standard at a high level. Then I will be discussing different clauses and controls in more detail. I’ll be updating this course regularly to cover more and more areas in depth. Examining the curriculum content is going to help you understand the coverage.

So far, I’ve covered:

  • Annex A Control: Teleworking

  • Annex A Control: Asset Management

  • Annex A Control: Cryptography

  • Annex A Control: Communication Security

This standard is about creating an Information Management System. The goal of an ISMS is to protect the confidentiality & integrity of data while ensuring availability. You can apply this system to any type of organization of any size. It’s based on the same core high-level structure as other management systems. The main clauses include:

‘;
}});

  • Context of the organization

  • Leadership

  • Planning

  • Support

  • Operation

  • Performance Evaluation

  • Improvement

The second part of the standard is about controls. They are listed in Annex A, and are grouped into different categories. They provide organizations with a set of tools that can be used to achieve the objectives of their management system. The list is not exhaustive and more controls do exist and can be implemented. Regardless, it’s important to understand the controls mentioned in Annex A and determine if they are applicable or useful to your organization.

Network Security
Introduction
Network Security
Security of Network Services
Segregation in Networks
Methods of Attack
Control Types
Defence In-depth
Information Transfer
Introduction
Agreements on Information Transfer
Electronic Messaging
NDAs
Conclusion

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Powered By
Best Wordpress Adblock Detecting Plugin | CHP Adblock

Check Today's 30+ Free Courses on Telegram!

X