Information Security Officer (ISO)
Book online today or call us at +49 7031 2024742 if you need help choosing the right course or want to discuss corporate discounts.
On-Site/Virtual
Prices from: € 3.250 + VAT
Duration: 5 days
Level: Beginner
Code: ISO
CPEs: 37
What is included: exam included, online exam voucher
Overview
The IT Security Act requires operators of critical infrastructures (KRITIS) to implement and maintain an Information Security Management System (ISMS).
Well-trained Information Security Officers contribute significantly to establishing and maintaining information security. In our 4-day course, you will acquire, intensively and hands-on, the know-how needed to protect data and information when developing, adapting, implementing, and controlling IT security policies.
You will learn about the structure of an Information Security Management System (ISMS) and the necessary guidelines from international and German standards, as well as receive essential information about the technologies, processes, analyses, and documentation used in IT security within a company.
Requirements
At least one year of professional experience (full-time) in the field of IT/Information Security
Advanced IT knowledge (network infrastructure, administration, strategic planning)
Knowledge in the field of management systems is desirable
Target group
The training for Security Officers is aimed at executives, management representatives, data protection officers, IT managers and consultants, and IT security officers.
Training plan
Fundamentals of Information Security
Definition of information security and its significance for organizations.
Values of information security
Protection goals of information security
Security incidents and events
Information Security Management System (ISMS)
Management system
Difference between policies, processes, procedures, documents, and records
Explanation of documented information
Process-oriented approach to the implementation and maintenance of a management system
Deming Cycle (PDCA)
Audit and improvement
Significance and objectives of an Information Security Management System (ISMS)
Benefits of implementing an ISMS
Awareness and commitment of employees in maintaining an ISMS
VDA ISA vs. ISO/IEC 27001
Information Security Management System vs. IT Service Management
Basics and processes of IT Service Management.
Understanding differences and interfaces between ISMS and IT service management.
Role of information security in IT service management.
Standards and Norms of Information Security
Overview of norms, standards, and frameworks of information security.
ISO/IEC 27000 Series Overview
Overview of the ISO/IEC 27000 series and its structure.
Insights into relevant parts of the standard series.
Requirements of ISO/IEC 27001
Detailed examination of the requirements of ISO/IEC 27001 (Chapters 4 - 10) and their significance for the organization.
Establishing an ISMS in accordance with ISO 27001 requirements.
Objective and Measures (Annex A of ISO/IEC 27001; ISO/IEC 27002)
Analysis and selection of measures and objectives from Annex A.
Implementation and monitoring of the selected measures.
Data Protection Requirements
Important data protection processes
Embedding ISMS & data protection processes.
Roles and Responsibilities in ISMS
RACI Matrix
Roles and responsibilities for the implementation and maintenance of an ISMS
Security Technologies and Cryptography
Overview of various security technologies, measures, and their application areas and implementations in practice.
Basics of cryptography and its significance for information security.
SoA and Scope
Development of the Statement of Applicability (SoA) and definition of the scope for the ISMS.
Best practices, examples, and faux pas
Risk Analysis and Assessment
Differences between primary & secondary assets.
Identification and classification of assets in the organization.
Learning methods for conducting risk analyses.
Assessment of risks and determination of appropriate treatment measures.
Certification
Information Security Officer (ISO)
Duration: 60 minutes
Format: Multiple Choice
Languages: German
The ISO 27000 series standards are allowed as aids.
Your benefits
Schönbrunn TASC is a DEKRA accredited training organization (ATO). This means that you have access to official DEKRA course materials and can take your exam as an Information Security Officer (ISO) during the course at the Schönbrunn TASC training center. If you do not pass the exam on your first attempt (which we do not anticipate), our performance guarantee covers you: you train for free the second time.
You learn in small groups (max. 10 participants/course)
Modern in-house training room and test center in a quiet, distraction-free atmosphere (PSI / Pearson VUE / EC-Council / Kryterion)
Experienced, continuously trained instructors guide you through the course
You will receive comprehensive training materials, manuals, and case studies for self-study
Interactive discussions and group work help you apply what you learn
A small breakfast, lunch, snacks, and drinks are provided throughout the day
Hotel recommendations near the training and testing center
The exam can be taken afterwards at the Schönbrunn TASC test center