Information Security Management
(based on ISO 27xxx / critical infrastructure protection)

Delivery: classroom // Duration: 3 DAYS

This course gives participants an in-depth understanding of information security management systems based on ISO 27xxx and of critical infrastructure protection standards based on national and EU laws.

 

Learning Objectives

By the end of this course, participants will be able to:

  • Understand the challenges of implementing an information security management system based on ISO 27xxx and critical infrastructure protection standards
  • Conduct information security risk assessments

 

Course Content

  • Information and Information Security
      • General introduction
      • Terms and definitions, delimitation to adjacent areas (e.g., privacy protection)
      • Why information security?
      • Legal and regulatory requirements (e.g., European Programme for Critical Infrastructure Protection (EPCIP), German IT-Sicherheitsgesetz / Kritis, etc.)
      • Protection of information, protection requirements (confidentiality, availability, integrity, etc.)
      • Standards for information security (ISO 2700x, German BSI Grundschutz, PCI-DSS, etc.)

  • Integrated management system
      • High-level structure of the ISO management system standards
      • Similarities and differences between management system standards on the basis of the standards ISO 9001:2015, ISO 27001:2013 and ISO 22301:2012

  • Information Security Management based on the 2700x series
      • Introduction to Information Security Management System (ISMS)
      • Core elements of the standard ISO 27001 (PDCA cycle, management framework, Annex A Controls / Measures)
      • Best practice approach to implement an information security management system based on the ISO 2700x series of standards
      • Organization of information security in the company
      • Policies and processes in the ISMS
      • Measurability and ISMS indicators based on ISO 27004:2009
      • Brief introduction to business continuity management (according to the requirements in A.17 of ISO 27001, ISO 27031 and BSI 100-4)

  • Information Security Risk Management based on the 2700x series
      • General introduction to risk management
      • Requirements for IS risk management according to ISO 27001, ISO 31000, ISO 27005 and other requirements (laws, other standards, etc.)
      • Risk management for information security
      • The risk management process (asset inventory, protection, threats, vulnerabilities, risk, risk treatment)
      • Best practice for risk assessment
      • Treatment of IS risks
      • Selection of measures
      • Detailed explanation of the process using case studies and self-performed risk analysis

 

Target Audience

Persons in charge of

  • Information Security Management

  • Information Security Risk Management

  • IT Security

  • IT Security Risk Management

  • (Internal) Audits

  • Data Privacy

  • Compliance

 

Pre-requisite for Course Registration

Participants should have basic knowledge of information security and/or IT security.

 

Certification: ISH ISMS Specialist Diploma

The ISH ISMS Specialist Diploma provides participants with a broad and detailed understanding of implementing and maintaining an information security management system that complies with the international set of standards ISO 27xxx and critical infrastructure protection standards.

FAQs

How to get to the ISH Campus?

Address: Südallee 1, 85326 Munich, Germany
Phone: +49 (0)89 975 32275

By car - from the A92 / Munich

Leaving the A92 motorway, you will find yourself on the "Zentralallee". When you reach the first bridge, turn right and leave the "Zentralallee", following the sign for "Fracht/Cargo/Wartungsallee/Südallee/FOC". Continue along the street until the end (approx. 1,5 km) and turn left. On your right you will reach the "Luftpostleitstelle", where the ISH is located.

By S-Bahn / airplane

Take the S-Bahn line S8 or S1 to "Besucherpark". Exit the S-Bahn station towards the Flight Operations Center (FOC / Lufthansa). At the bottom of the stairs, turn left and follow the road for approx. 1,5 km, keeping the "Frachtgebäude/Cargo" on your right-hand side. At the end of the road, turn left and you will reach the "Luftpostleitstelle", where the ISH is located.

Are events and trainings in English or in German?

Since we want to provide the best trainings and events for "Securing the Global future", we offer our programs in both English and German. The flag icon next to the title shows which language a training or event is held in: a British flag for English, a German flag for Deutsch.

How can I book an open class or company training?

For our "CDC Handling" open class trainings, please register via our online registration form. If you are planning a company training, please arrange a date with our training department, as we offer these trainings on demand.

Which hotels are in the area?

While there is a wide range of hotels around the airport, we have personally stayed at both the Hilton and the Novotel and find them to be very nice and comfortable.

Hilton Munich Airport

Address: Terminalstraße Mitte 20, 85356 München-Flughafen
Phone: +49 (0)89 97820

Hotel Novotel

Address: Nordallee 29, 85356 München
Phone: +49 (0)89 9705130