Program Overview

This 2-day program explains the concepts and basis of development and use of measures and measurement in order to assess the effectiveness of an implemented ISMS and controls or groups of controls, as specified in ISO/IEC 27001. Knowing the foundations in establishing, implementing and evaluating an effective Information security program will be featured based on the guidelines specified in ISO 27004:2009, which encourages the organization to provide reliable information to relevant stakeholders concerning its information security risks and the status of the implemented ISMS to manage these risks- both in long-term and short term.


2 - Day Program

Learning Objectives

At the end of this training, participants will be able to:

  • Internalize the basis of having an effective information security management practice
  • Discuss the fundamentals of establishing, implementing and evaluating the Information Security Management Program based on the guidelines specified in ISO/IEC 27004:2009
  • Know the techniques, watchpoints and other practices that help compliment the implementation of an Information Security Management Program

Target Audience

  • Members of an information security team
  • IT professionals wanting to gain a comprehensive knowledge of the main processes of an Information security Management System (ISMS)
  • Staff involved in the implementation of the ISO/ IEC 27001 Standard
  • Technicians involved in operations related to an ISMS
  • Auditors
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks

Training Course Outline


To inquire online about our award-winning training, please complete the form and SAS Management representative will contact you.

Have a Question?

By clicking "Submit", you are agreeing to our Privacy and Cookies Policy.