DQS SA ISO 27001 Information Technology, Security Techniques, Information Security Management systems and Requirements.


5 in stock



16 Hours

ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes. The purpose of this module is to provide awareness, understanding and facilitation in managing an information security management system. This module incorporates the requirements of the ISO 27001 standard released in 2013, including the 14 Annex A Control sets.  Based on your risk assessments and depending on the risks you have identified, you’ll select the security controls that are applicable to your organisation.


0. Introduction
0.1. General
0.2. Compatibility with other management system standards
0.3. Information security requirements
0.4. Selecting controls
0.5. Process approach

1. Scope

2. Normative references

3. Terms and definitions

Structure of the module

4. Context of the organization
4.1. Understanding the organization and its context
4.2. Understanding the needs and expectations of interested parties
4.3. Determining the scope of the information security management system
4.4. Information security management system

5. Leadership
5.1. Leadership and commitment
5.2. Policy
5.3. Organizational roles, responsibilities and authorities

6. Planning
6.1. Actions to address risks and opportunities
6.2. Information security objectives and planning to achieve them

7. Support
7.1. Resources
7.2. Competence
7.3. Awareness
7.4. Communication
7.5. Documented information

8. Operation
8.1. Operational planning and control
8.2. Information security risk assessment
8.3. Information security risk treatment

9. Performance evaluation
9.1. Monitoring, measurement, analysis and evaluation
9.2. Internal audit
9.3. Management review

10. Improvement
10.1. Nonconformity and corrective action
10.2. Continual improvement

ANNEX A Security Controls

NOTE: Also see our ISO 27001 Organisational Self-Assessment (Gap Analysis/ internal auditing tool) 

Contact us at elearning.sa@dqs.de for more information.


There are no reviews yet.

Be the first to review “DQS SA ISO 27001 Information Technology, Security Techniques, Information Security Management systems and Requirements.”

Your email address will not be published. Required fields are marked *