ISO 27001 Information Security Management System (ISMS) – Workshop in Sofia, Bulgaria


Course Description

The ISO 27001 standard provides a framework to assure the effectiveness of information security measures in the workplace. This includes the continued accessibility, confidentiality and integrity of information in whatever form it is held. This course familiarizes participants with the basic concepts of implementing and managing an Information Security Management System (ISMS) as specified in ISO 27001. The components of an ISMS will be discussed in this course, including the ISMS policy, risk management, measuring performance, management’s commitment, internal audit, management review and continual improvement.

Course Objectives

  • Being familiar with the basics of information security
  • Knowing what an information security management system (ISMS) is and how it can help a business
  • Understanding the development, history, and current status of ISO 27001
  • Understanding the registration process
  • Estimating costs and resources to implement an ISMS
  • Understanding the available information security controls

Who Should Attend?

  • Supervisors
  • Managers
  • Executives
  • Members of IT team
  • Technicians involved in operations related to an ISMS
  • Anyone who is involved in ISO standards

Course Schedule

Day 1

  • Fundamental principles of Information Security
  • Overview of what is meant by ISMS and the basic constituents of an ISMS
  • Introduction to the ISO 27000 family of standards
  • Presentation of the standards ISO 27001, ISO 27002 and ISO 27003 and regulatory framework
  • Explanation of how an ISMS can help

Day 2

  • General requirements: presentation of the clauses 4 to 8 of ISO 27001
  • Identifying and evaluating assets
  • Defining the scope of an ISMS
  • Development of an ISMS and information security policies
  • Selection of the approach and methodology for risk assessment
  • Risk management: identification, analysis and treatment of risk

Day 3

  • Drafting the Statement of Applicability (SoA)
  • Implementation phases of ISO 27001 framework
  • Implementation of a document management framework
  • Principles and design of information security controls
  • Writing procedures
  • Implementation of controls

Day 4

  • Incident management
  • Operations management of an ISMS
  • Documentation of an information security control environment
  • Monitoring and reviewing the information security controls
  • Development of metrics, performance indicators and dashboards
  • ISO 27001 internal audit
  • Management review of an ISMS

Day 5

  • Continual improvement of Information Security
  • Implementation of a continual improvement program
  • Preparing for an ISO 27001 certification audit
  • Conducting an ISO 27001 certification audit
  • Examples of implementation of information security controls based on ISO 27002 best practices

Registration Information

Program Dates: 18-20 December, 2017

Registration Closes on: 22 November, 2017


Program Fee: $4250

Fee Covers: Visa, Participant Assessments, Airport pickup, Accommodation with wifi & breakfast, Lunch & Refreshments, Workshop Kit, Practical Activities, Program Materials, International Certificate of Completion & Entertaining Tour


Registration Assistance: or

Skype: risalatconsultantsint Call/Viber/WhatsApp: +995555116622

Don’t forget to follow Risalat on LinkedIn, Twitter & Facebook!
