ISO/IEC 27001:2013 (ISMS) Awareness Training (PowerPoint PPTX)

Author's Note: The latest ISO/IEC 27001:2022 (ISMS) awareness presentation is now available on Flevy.

ISO/IEC 27001:2013 is the internationally-recognised standard for Information Security Management Systems (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It provides a robust framework to protect information that can be adapted to all types and sizes of organization. Organizations that have significant exposure to information-security related risks are increasingly choosing to implement an ISMS that complies with ISO/IEC 27001.

The ISO/IEC 27001:2013 standard preserves the Confidentiality, Integrity and Availability of information by applying a Risk Management process and gives confidence to interested parties that Risks are adequately managed.

This ISO/IEC 27001:2013 (ISMS) Awareness PPT presentation is designed for organizations who are embarking on ISO/IEC 27001:2013 implementation and need to create awareness of information security among their employees. Alternatively, the presentation may be used to supplement your materials for the training of ISMS professionals and internal auditors.

||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
This training package includes:
1. ISO/IEC 27001:2013 (ISMS) Awareness PPT training presentation (PowerPoint format, 4:3 standard screen)
2. Risk Assessment template (Excel format)
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

LEARNING OBJECTIVES

1. Provide background knowledge on information security.
2. Gain an overview of ISO/IEC 27001:2013 standard.
3. Gather useful tips on handling information security matters.

CONTENTS

1. What is Information?
•  What is information?
•  Why is information an asset?
•  Information exists in many forms
•  Information can be...

2. What is Information Security?
•  What is information security?
•  Why is information security important?
•  Components of information security
•  What are the impacts of information incidents?

3. Overview of ISO/IEC 27001 Standard
•  About ISO
•  What is a management system?
•  History of ISO/IEC 27001
•  What is ISO/IEC 27001?
•  Purpose of ISO/IEC 27001
•  Benefits of adopting ISO/IEC 27001 standard

4. ISO/IEC 27001:2013 Structure
•  Annex L – Implications
•  Overview of Annex L
•  The ISO/IEC 27001:2013 structure is aligned to the common structure for MSS
•  ISO/IEC 27001:2013 is based on the Plan-Do-Check-Act (PDCA) approach
•  PDCA and ISO/IEC 27001:2013 clause structure
•  ISO/IEC 27001:2013 key clause structure (4-10)
•  ISO/IEC 27001:2013 key elements
•  ISO/IEC 27001:2013 is a global standard on ISMS
•  ISO/IEC 27001:2013 defines 14 control areas
•  Purpose of each of the 14 sections from Annex A

5. ISO/IEC 27001:2013 Implementation Checklist
•  ISO/IEC 27001:2013 implementation checklist
•  ISO/IEC 27001:2013 certification process
•  Audit findings

6. Your Security Responsibilities
•  Who is responsible?
•  Classification of information asset – Example
•  Physical security
•  Password guidelines
•  Internet usage
•  Email usage
•  Other information security matters
•  Information security is everybody's job