How to build, operate, monitor and improve a fully compliant ISO/IEC 27001 security program in pretty much any type of organization. The training will focus on real-life experiences, simple tools, tricks, shortcuts and do and don'ts.

Is expected that by the end of this training, you will have the required knowledge in order to develop a ISO/IEC 27001 compliant program at your own organization (or at least have a very clear view on what is required to get the job done).

The workshop takes many basic components from the official ISO/IEC Lead Auditor / Implementer Training provided by organizations such as BSI, Veritas, Etc.

• ISO Introduction, Why it matters.
• Certification Process & Dealing with Auditors
• Scope, Program Definition
• Asset & Risk Management
• Statement Of Applicability
• BCM
• Program Monitoring & Improvements
• Internal Audits
• ISO/IEC 27002 - Security Controls

Esteban Ribicic

Argentine born, Esteban Ribicic, has been working on Security for over a decade. With a strong technical background and a clear specialization on Security Governance Esteban has helped many organizations in building and improving their Security Programs. He has a strong focus on getting the job done, keeping it as simple as possible without compromising effectiveness and efficiency. Esteban has an engineering background and holds several Security and Service Management certifications.
Esteban leads eramba.org, an open-source IT Governance, Risk and Compliance tool.

1 day (8 hrs)

• Patience
• Good listening skills!

Pre-requisite

Who should attend?