New Edition of ISO/IEC 27001: Be Ready and Prepared For The
This training seminar will introduce you to the second edition of ISO/IEC 27001, to be released in Autumn 2013. This will be a guided tour to get you ready and prepared for the 2013 launch of the 2nd edition of this internationally successful management standard on information security. The first edition of this standard has already helped hundreds of thousands of companies to protect their vital and critical business assets from the threats and risks of the interconnected global markets. The second edition will offer the opportunity to do even more to protect the infrastructure, platforms and services that the modern company uses and deploys in its business.

Every company needs to be concerned about the protection of its vital and critical business assets, to prevent cyber risks, threats to on-line trading and banking, identity theft and malware attacks from damaging the company. Every company should be getting ready and prepared to implement the next edition of ISO/IEC 27001.

Attending this three-day training seminar is your opportunity to make a difference to your company and to add value to the protection of your company’s business assets.

Beijing Powertime has invited Prof. Edward Humphreys, the Father of the ISMS Family of standards, which includes ISO/IEC 27001, to provide businesses in China, and in the surrounding Regions, with an authoritative ‘Hot Off The Press’ presentation of the new edition.

Day One
0930-1230
Topics
• Overview of the revision of 27001
    o Purpose and objective
    o New structure and content
    o Next Generation of Management System Standards
    o Matrix of Changes
• Organisational Context (Chapter 4)
    o Understanding the organization and its context
    o Needs and expectations
    o Determining the scope of the ISMS
    o ISMS
1330-1700
Topics
• Leadership (Chapter 5)
    o Commitment and Policy
    o Roles, Responsibilities and Authorities
• Planning (Chapter 6)
    o Risk assessment
    o Risk treatment
    o Security objectives
• Day 1 Q&A Session

Day Two
0930-1230
Topics
• Support (Chapter 7)
    o Resources
    o Competence, Awareness and Communication
    o Documented information
• Operations (Chapter 8)
    o Planning and control
    o Information security risk assessment
    o Information security risk treatment
1330-1700
Topics
• Performance Evaluation (Chapter 9)
    o Monitoring, measurement, analysis and evaluation
    o Internal audit
    o Management review
• Improvements (Chapter 10)
    o Nonconformity and corrective action
    o Continual improvement
• Day 2 Q&A Session

Day Three
0930-1230
Topics
• Annex A and 2013 edition of ISO/IEC 27002
• Related Family ISMS standards
1330-1700
Topics
• Certification Aspects
    o Transition from old to new
    o Getting ready for audit to the new edition
• Delivering Integrated Management Systems (Case Studies)
• Certification of Sector-Specific Applications (Case Studies)
    o Telecoms
    o Healthcare
    o Finance
    o Energy
    o IT Services
    o Cloud
    o PII
• Multiple Choice Test (30 mins) + course completion certificate
• Concluding Q&A Session

Contact Us
Please contact Ms. Chen from Beijing Powertime for further inquiries.
Phone: 010 - 58732083 / 58732084
Mobile: 13811192826
Email: chenjing@powertime.cn