This 1-day program introduces the basic concepts on the development and use of measures and measurement in order to assess the effectiveness of an implemented ISMS and controls or groups of controls, as specified in ISO/IEC 27001. Understanding the ideas of this program provides the participant an overview of what does it mean to have an effective Information Security Management Program based on the guidelines specified in ISO 27004:2009, which encourages the organization to provide reliable information to relevant stakeholders concerning its information security risks and the status of the implemented ISMS to manage these risks.

1 - Day Program

At the end of this training, participants will be able to:

• Appreciate the basic concepts of Monitoring and Measurement in Information security
• Go through with the elements of Information Security Management Program based on the guidelines specified in ISO/IEC 27004:2009
• Get ideas on techniques and other practices that help compliment the implementation of an Information Security Management Program

• Members of an information security team
• IT professionals wanting to gain a comprehensive knowledge of the main processes of an Information security Management System (ISMS)
• Staff involved in the implementation of the ISO/ IEC 27001 Standard
• Technicians involved in operations related to an ISMS
• Auditors
• CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks