ONLINE TRAINING



Implementing the Information Security Management System (ISO/IEC 27001:2013) Within Your Organisation

This course introduces the structure of the Information Security Management System and explores the requirements of ISO/IEC 27001:2013. It will assist participants with the implementation of an Information Security Management System within the organization.

By the end of the session, the participants will be able to:

  1. Understand the requirements of ISO/IEC 27001:2013 and understand what needs to be implemented;
  2. Appreciate the significance of organizational context and adopting a risk-based approach;
  3. Grasp the application of risk-based thinking, leadership and process management;
  4. Describe the requirements in Annex A (normative), relating to the reference control objectives and controls;
  5. Grasp the information security best practices according to ISO/IEC 27001:2013;
  6. Prepare and develop the required skills for an ISO/IEC 27001:2013 implementation and audit.

 

Module 1: Information Security Landscape

  1. Information Security Fundamentals
  2. Recent Issues and Case Studies
Module 2: Information Security Management System Clause Requirement
  1. Context of the Organization
  2. Leadership
  3. Planning
  4. Support
  5. Operation
  6. Performance evaluation
  7. Improvement
Module 3: Information Security Management System Control Requirement
  1. Information Security Policies
  2. Organization of Information Security
  3. Human Resource Security
  4. Asset Management
  5. Access Control
  6. Cryptography
  7. Physical and Environmental Security
  8. Operations Security
  9. Communications Security
  10. System Acquisition, Development and Maintenance
  11. Supplier Relationships
  12. Information Security Incident Management
  13. Information Security Aspects of Business Continuity Management
  14. Compliance
Module 4: Course Assessment
  1. A multiple-choice question assessment

En. Shukri Safi'e
Security Consultant
Nexagate Sdn Bhd

  • Certified ISMS/ISO 27001 Lead Auditor
  • Certified QMS/ISO 9001 Lead Auditor (Integrated)
  • Certified OHSMS/OHSAS 18001 Lead Auditor (Integrated)
  • Certified Safety & Health Officer
  • Kaapagam Certified Professional
Experience
  • More than 4 years’ experience in ICT and Management Systems Consultancy and Services, specialized in Information Security, Quality, Occupational Health & Safety, Environmental and Asset Management Services
  • Project experience in ISMS, Security Risk Management, QMS, OHSMS, EMS, AMS and FSSC
  • Clients include MOF-CDC, JPA, JPB, JPL, LSSPI, TNB, TERAS Teknologi, Sabah Ports, EJSB, NRSB, A1CCS, AirAsia, ADV Fusionex
Trainer / Instructor
  • Experience in conducting training for:
    • ISO 9001:2015 (QMS) Internal Audit Training 2017 (Nestari Resources Sdn Bhd)
    • ISO 9001:2015 (QMS) Internal Audit Training 2017 (Selaco Aluminium Berhad)
    • Fire and Evacuation Training 2017 (Lee Song Seng Plastic Industries Sdn Bhd)
    • Integrated Management System (ISO 9001:2015, ISO 14001:2015 & OHSAS 18001:2007) Internal Audit Training, Aug & Oct 2017 (A1 Custom Coat Solutions Sdn Bhd)
    • QSHE Awareness Training 207 (Eu Jin Bhd)
    • Internal Audit Course (ISO 19011:2011) 2018 (Eu Jin Sdn Bhd)
    • Safety & Health Committee Training 2018 (Lee Soon Seng Plastics Industries Sdn Bhd)
    • ISMS Internal Audit Course (ISO/IEC 27001:2013) 2019 (Majlis Perbandaran Kajang)
    • Introduction to Risk Management Methodology & MyRAM (ISO/IEC 27001:2013) 2019 (Majlis Perbandaran Selayang)
    • Information Security Policy Awareness 2019 (SME Bank)
    • Information Security Risk Management Introduction 2019 (Silterra Malaysia Sdn Bhd)
    • IT Risk Register Training 2019 (SME Bank (IT Risk Unit))
    • Introduction to Risk Management Methodology & MyRAM (ISO/IEC 27001:2013) 2019 (Jabatan Pendaftaran Pertubuhan Malaysia)
    • ISO/IEC 27001:2013 (ISMS) Awareness Training 2019 (Silterra Malaysia Sdn Bhd)
    • ISO/IEC 27001:2013 (ISMS) Implementation Training 2019 (Jabatan Pendaftaran Pertubuhan Malaysia (BPTM))
    • ISMS Internal Audit Course (ISO/IEC 27001:2013) 2019 (Majlis Perbandaran Selayang)
    • ISMS Internal Audit Training (ISO/IEC 27001:2013) 2019 (Silterra Malaysia Sdn Bhd)
    • ISO/IEC 27001:2013 (ISMS) Awareness Briefing 2019 (Jabatan Pendaftaran Pertubuhan Malaysia)
    • ISMS Internal Audit Training (ISO/IEC 27001:2013) 2019 (Silterra Malaysia Sdn Bhd)
    • ISO 9001:2015 (QMS) Awareness Training 2019 (Fujitsu Systems Global Solutions)
    • ISO 14001:2015 (EMS) Implementation Training 2019 (Fujitsu Systems Global Solutions Management)
    • ISO 14001:2015 (EMS) Implementation Training 2019 (Fujitsu Systems Global Solutions Management)
    • ISO/IEC 27001:2013 (ISMS) Awareness Training 2019 (Single Buyer)
    • ISO 9001:2015 (QMS) Implementation Training 2019 (Fujitsu Systems Global Solutions)
    • Introduction on Information Security Risk Management Methodology (Virtual) 2020 (Single Buyer)
    • ISO/IEC 27001:2013 (ISMS) Awareness Training (Virtual) 2020 (Nexagate)
    • ISO/IEC 27001:2013 (ISMS) Awareness Training (Virtual) 2020 (Propay Partners Sdn Bhd)
    • ISO/IEC 27001:2013 (ISMS) Awareness Briefing 2020 (Jabatan Pendaftaran Pertubuhan Malaysia)
    • Safety and Health Awareness Training (Virtual) 2020 (Nexagate)
    • ISO/IEC 27001:2013 (ISMS) Internal Audit Briefing (Virtual) 2020 (Pejabat Ketua Pendaftar Mahkamah Persekutuan Malaysia)
    • Briefing on Information Security Management System Implementation and Procedures (Virtual) 2020 (Pejabat Ketua Pendaftar Mahkamah Persekutuan Malaysia)
    • Security Management System (ISMS) ISO/IEC 27001:2013 Awareness Briefing (Virtual) 2020 (Pejabat Ketua Pendaftar Mahkamah Persekutuan Malaysia)
    • Awareness Briefing on (BCMS) ISO 22301:2019 Implementation & Documentation (Virtual) 2020 (Jabatan Kimia Malaysia)
    • Introduction on Information Security Risk Management Methodology (Virtual) 2020 (Propay Partners Sdn Bhd)

En. Benyazwar Mohmd
Chief Security & Risk Consulting
Nexagate Sdn Bhd

 

Project Experience
Benyazwar has been leading the company’s Risk and Compliance team since 2012. Since then, he has led various Risk and Compliance consulting projects across various verticals in both the public and private sector.

His first area of expertise is in Information Security Management Systems (ISMS), helping clients achieve and maintain the ISO/IEC 27001 certification year by year. He is now an expert in the field of Service Management Systems (SMS), having successfully guided clients in achieving the ISO/IEC 20000-1 certification. Other areas of expertise include DLP Consultancy, BCMS Consulting and Certification and Cybersecurity Framework Consulting.

Client profiles under his belt include MAXIS, FUJITSU, PUNB, SPRM, MARA, KDN, KIBB, SME BANK, AGROBANK and KPJ HEALTHCARE.

An individual with strong empathy towards his clients, he always makes sure that the client is left happy and satisfied, a key factor that keeps his clients returning.

Key Highlights
Benyazwar is a pioneer in providing DLP Consultancy, lending his expert advice to Kementerian Dalam Negeri (KDN), the first ever government agency to implement DLP back in 2013.

He is now pioneering efforts in delivering RMiT-related consulting services such as developing the Technology Risk Management Framework (TRM) and Cyber Resilience Framework (CRF).

Relevant Trainings, Certification & Education
Graduated with a Master’s in Communication Engineering and a Bachelor of Engineering (Hons), majoring in Microwave and Communications. Professional certifications include ISMS/ISO 27001 Lead Auditor and SMS/ISO 20000-1 Lead Auditor.

Project Roles
Risk and Compliance Lead Consultant, Risk and Compliance Quality Assurance Manager, Project Director.

 

5 - 7 April 2021

Fee: MYR3,100.00