The ISO27002 standard is the rename of the ISO17799 standard, and is a code of practice for information security. Its essence outlines hundreds of potential controls and control mechanisms, and may be implemented under the guidance provided within ISO27001.
ISO27001 standard deals with the set-up of the information security process and represents the specification for an Information Security Management System (ISMS).
The ISO27002 standard, which is also known as the “Code for Information Security”, contains guidelines for measures in the area of information security. The guidelines in the ISO27002 standard deal with the organizational, procedural, physical and logical aspects of information security.
Créditos: 18 PDUs – Professional Development Units
This is an introduction course for everyone in the organization who is involved with the information management lifecycle. The course is also suitable for small independent businesses for whom some basic knowledge of information security is necessary. This course can be a good start for new information security professionals.
Both through lecture and hands on, the purpose of this course is to present the following concepts:
- Information and security concepts: the value of the information and the importance of its reliability
- Threats and risks: The relation between threats and reliability
- Approach to the organization of the Security Information Policies
- Security measures: technical and organizational
- Legislation and regulations: its importance and implications
- Design and Implementation of the ISMS according to the ISO27001 standard
- Certification of the ISMS according to the ISO27001 standard