Introduction to Information Security and ISO 27001

This one-day introductory course provides essential guidance on how organisations can most effectively improve their information security.  Based on best practice principles, this course provides an introduction for anyone intending to develop, implement and measure effective information security.

By attending this one day course, you will learn all aspects of information security and the role that ISO 27001 plays in helping us to protect information.  The course will be led by one of URM’s senior consultants and practitioners who will guide you through:

What is information security?

• Information security principles
• Defining information assets
• What are the threats to those assets
• What are consequences of security breach
• What about personal data and the GDPR

What is ISO 27001?

• What is purpose of the Standard and how it works
• How is the 2022 version of the Standard structured
• All the main clauses explained with practical examples and interpretations

Assets and Risks

• Identifying information assets
• Developing an asset register
• What is information risk and how do we link to assets?

Information Risk Assessment

• Defining an approach
• Stages of risk assessment
• Risk treatment
• Risk appetite.

‍