Course content

Day 1: Information security according to the ISO / IEC 27001:2022 standard:

• What is information security
  • Cyber threat trends
  • IS assets and their valuation
  • Vulnerabilities and risks
  • Security requirements
• ISO / IEC 27001:2022 standard
  •  Contents
  •  Annex A
• Examples - Documentation
  • Information security policy
  •  Risk analysis
  • Risk elimination measures
• Discussion

 

Day 2: Law and Cyber Security:

• Act 69/2018
  • Competence of the authorities in the field of cyber security,
  • National Cyber Security Strategy and the Unified Cyber Security Information System,
  • Status and obligations of the basic service provider and digital service provider,
  • Organization and scope of CSIRTs,
  • Education and security awareness building,
  • Control mechanisms and sanctions.
• Decree no. 362/2018 laying down the content of security measures
  • Content and structure of documentation
  • Information classification and categorization of networks and information systems
  • Precautions
• Discussion
  •  Comparison of requirements for the creation of documentation according to ISO / IEC 27001:2022 and according to the Cyber Security Act

Designed for

• Internal Auditor
• Quality Manager
• IMS Manager

---

Additional information

Training Schedule - Open Public Online Term
Testing the training connection	from 07:45 *
Training program	08:00 - 12:00
Lunch break	12:00 - 12:30
Training program	12:30 - 14:00
Processing a case study / test	after 14:00

* UTC +1 time zone (DE, BE, DK, NL, NO, SE, AT, ES, FR, IT, SI, SK, CZ, PL, HU, ...)