ISO/IEC 27001:2013 Information Security Management System (ISMS) - Introduction
Organisations are increasingly aware of the value of their business-critical information and the need to protect their information-related assets.
An Information Security Management System (ISMS) is based on a risk management approach to maintaining the confidentiality, integrity and availability of the organization’s information. An ISMS is a systematic approach to managing an organisation’s information security.
ISO/IEC 27001:2013 Information Security Management System (ISMS) - Requirements - specifies requirements for the establishment, implementation, monitoring, review, maintenance and improvement of a management system to manage an organization’s information security risks.
This one-day course aims to spread knowledge on the objectives and benefits of information security; the requirements specified in ISO/IEC 27001:2013 ISMS - Requirements; the controls provided in ISO/IEC 27002:2013 Code of Practice for Information Security Controls; and an insight into the emerging ISO 27000 series of standards.
This course is designed for beginners and provides an introduction to Information Security and the ISO/IEC 27001:2013 Information Security Management System (ISMS). It gives participants an overview of the related standards. Discussions on the benefits and critical success factors for implementing an ISO/IEC 27001 ISMS are also included to help participants ensure effective and successful ISMS implementation.
- Senior Managers/Managers
- ISMS Implementors
- ISMS Consultants
- Information Security Practitioners
- Individuals who need to acquire general knowledge of ISMS
- What is Information Security?
- What is an Information Security Management System (ISMS)?
- Why ISMS?
- ISO/IEC 27001:2013 Information Security Management System - Requirements
- ISO/IEC 27002:2013 Code of Practice for Information Security Controls
- Critical Success Factors
Head of Department
Information Security Management & Assurance
Sabariah Ahmad has 27 years of working experience in Information Security. She is currently with CyberSecurity Malaysia, where she is responsible for implementing the Information Security Management System (ISMS), maintaining ISO/IEC 27001 ISMS certification for CyberSecurity Malaysia, ensuring CyberSecurity Malaysia’s survivability and resiliency through business preparedness and continuity management, as well as delivering services related to information security governance, risk management and compliance (GRC).
She is also an auditor for ISMS certification under the CyberSecurity Malaysia ISMSCB scheme. She is a trainer certified by the Human Resources Development Fund, an organisation under the Human Resources Ministry, and has conducted various training and awareness sessions related to information security based on ISO/IEC 27001 ISMS for Critical National Information Infrastructure (CNII) agencies and organizations.
She is currently in the working group for WG/G/5-1 information security management system (ISMS). This working group is under the Industry Standards Committee on Information Technology, Communications and Multimedia (ISC G) – the national mirror committee overseeing national and international standardisation activities in the field of IT, communications and multimedia.
Sabariah Ahmad holds a Bachelor’s Degree in Computer Science from Utah State University, Logan, Utah, USA, obtained in 1993. She is a certified ISO/IEC 27001 Information Security Management Systems (ISMS) and ISO/IEC 22301 Business Continuity Management Systems (BCMS) Lead Auditor, Associate Business Continuity Professional (ABCP), Governance, Risk and Compliance (CGRC) and GIAC Security Essentials Certification (GSEC). She is also a member of the Malaysia Board of Technologists (MBOT) and ISACA.
Pn. Ida Rajemee Bt Ramlee
Information Security Management & Assurance
Ida Rajemee bt Ramlee holds a Bachelor’s degree in Computer Science from University Science of Malaysia (USM), Malaysia. She started her career as a software engineer and later in system development and administration before joining CyberSecurity Malaysia in 2007.
Ida Rajemee is part of the Information Security Management System (ISMS) team responsible for the internal ISMS implementation within CyberSecurity Malaysia. Her involvement spans all phases of ISMS implementation. She is also involved in audit activities for ISMS certification under the CyberSecurity Malaysia ISMSCB scheme.
She is also an alternate member for the Malaysian Technical Committee on Risk Management and a member of the Information Security Professional Association of Malaysia (ISPA).
Ida Rajemee is a certified ISO/IEC 27001 Information Security Management Systems (ISMS) and ISO/IEC 22301 Business Continuity Management Systems (BCMS) Lead Auditor, Associate Business Continuity Professional (ABCP), Professional in Critical Infrastructure Protection (PCIP), Governance, Risk and Compliance (CGRC) and PSMB (HRDF) Certified Trainer.
Disclaimer: Trainer selection is subject to availability.
- 7 February 2023
- 29 August 2023
6 CPD Points
Please submit the Certificate of Completion to Global ACE Certification at www.globalace.org