Requirements of the standard / Training of internal auditors according to the ISO/IEC 27001:2022 standard

The goal of the training is to acquaint participants with the requirements for the creation, implementation, maintenance, and continual improvement of an information security management system according to the ISO/IEC 27001:2022 standard. Participants will also learn how to assess risks in information security and how to prevent them.

Online terms
Content of the training
Training schedule
Organisational guidelines
Frequently asked questions
+421 908 345 320

Course content

Introduction to information security management systems
Methods used in information security management systems
Defining risks and rules to prevent information leakage
What is information security
- Trends in cyber threats
- IS assets and their valuation
- Vulnerabilities and risks
- Security requirements
Standard ISO/IEC 27001:2022
- Content of the revised standard
- Main changes between ISO/IEC 27001:2013 and ISO/IEC 27001:2022
- Annex A (Organizational controls, people controls, physical controls, technological controls)
  - Introduction of 17 new security measures
  - 16 security measures were removed (duplication or alignment with other measures)
Examples - Documentation
- Information security policy
- Risk analysis
- Measures to eliminate risks
Discussion

Designed for

Internal Auditor

Additional information

Training Schedule - Open Public Online Term
Testing the training connection	from 07:45 *
Training program	08:00 - 12:00
Lunch break	12:00 - 12:30
Training program	12:30 - 14:00
Processing a case study / test	after 14:00