This article is a review of the PECB Certified ISO 27001 Lead Implementer course delivered by The Specialists Hub. We took some photos of the training event in July and have included feedback from the students to provide greater insight into what to expect.
First of all, what is ISO 27001?
ISO 27001 is an international standard for information security management. Organisations implement ISO 27001 to protect their information assets from threats. It covers physical security, organisational security and technical security, so it is broader than cyber security alone. As most data breaches are due to human error, this is the best framework to protect your information assets from harm.
Organisations can gain certification against ISO 27001, as can individuals. Some organisations, however, choose to implement the standard as best practice to reduce risk without going through formal certification. This is entirely down to the organisation’s preference and objectives, although there are clear benefits to certifying as detailed below.
The course is delivered over 4 days by an experienced Information Security Practitioner and is structured to cater for everyone from those who are fairly new to Information Security to those with more technical/professional experience. A breakdown of the content is below.
- Course objectives and structure
- Standards and regulatory frameworks
- Information Security Management System (ISMS)
- Fundamental concepts and principles of information security
- Initiate the ISMS implementation
- Understand the organization and its context
- Analyze the existing system
- Leadership and project approval
- ISMS scope
- Information security policy
- Risk management process
- Information security organizational structure
- Statement of Applicability and management decision to implement the ISMS
- Design of security controls and drafting of specific policies and procedures
- Implementation of security controls
- Definition of the document management process
- Communication plan
- Training and awareness plan
- Operations management
- Incident management
- Monitoring, measurement, analysis and evaluation
- Internal audit
- Management review
- Treatment of problems and nonconformities
- Continual improvement
- Preparing for the certification audit
- Certification process and closing the training
One of the best trainings ever. The training was by far one of the best I’ve had. The venue was spectacular, the training content (trainer) was perfect and well delivered, and last but not the least, the price was unbeatable. Thanks very much Specialist Hub, I will always recommend.
Excellent, lots of real-life examples and exercises to help land the subjects. No rush to move off the subject until everyone got it.
6 stars if I could. Ticked all the boxes, literally. Excellent course content, excellent delivery, excellent location, excellent support, excellent people... should I go on?
All the delegates received a link to the PECB portal prior to the course, which provides full access to the course materials. Folders were also provided, along with reference materials including the ISO Standards ISO 27001 and ISO 27002.
Graeme Parker, the UK PECB MD and ISO 27001 Master, delivered the course, bringing his wealth of experience and knowledge and lots of real-life examples to bring it to life.
The group was really interactive and had some great discussions, and it was interesting to hear different perspectives and examples. The delegates came from different roles and industries, including IT Experts, Project Managers, IT Service Managers, a Web Developer, a Business Owner and a Data Protection Consultant.
The course was delivered at the etc. venue on Portland Street in Central Manchester, easily accessible by train, bus or car and next to a variety of hotels.