In this training we will learn the fundamental concepts of the ISO 27000 standards as a whole. The ISO/IEC 27000 series is a set of standards created and managed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Both international organizations are active in many countries, which ensures the standards' wide dissemination, implementation and recognition around the world.
The 27000 series aims to establish good practices for the implementation, maintenance and management of an Information Security Management System (ISMS, also known by its Spanish acronym SGSI). These guidelines cover different aspects of information security management, with a strong focus on continuous improvement and risk mitigation.
ISO 27000: Provides the basics and common language for the rest of the standards in the series.
ISO 27001: Specifies the requirements needed to deploy and manage an ISMS. This standard is certifiable.
ISO 27002: Defines a set of best practices for the implementation of the ISMS, through 114 controls, structured in 14 domains and 35 control objectives.
ISO 27003: Provides a guide to successfully implementing an ISMS, focusing on the aspects that matter most for carrying out this process.