Translate

вторник, 15 септември 2015 г.

REMOTE TRAINING 
FOR 
INFORMATION SECURITY MANAGEMENT SYSTEM (ISO 27001),
SERVICE (IT) MANAGEMENT SYSTEM (ISO 20000-1)
AND
COUNTERACTION TO THE ‘INSIDERS’ MALICIOUS ACTIVITIES


LIST OF COURSES

1. Approach and methodology for building Information Security Management System (ISMS) in accordance with the requirements of ISO 27001: 2013 and ISO 27002: 2013 recommendations.

The aim of the course is to prepare learners to self-build, maintain and develop ISMS, compliant with the requirements of ISO 27001: 2013 and ISO 27002: 2013 recommendations.

2. Approach and methodology for development and maintenance of Service (IT) Management System (SMS) in accordance with the requirements of ISO 20000-1: 2011 and the recommendations of ISO 20000-2: 2012.

Course aims to prepare students for self-development, implementation and maintenance of SMS, in accordance with the requirements / recommendations of international standards, as follow:
- ISO 20000-1: 2011 - Information technology - Service management - A Unit 1: Requirements for SMS
- ISO 20000-2: 2012 - Information technology. Service management - Part 2: Code of Good Practices for Service Management

3. Counteraction to the “INSIDER” malicious activities.

The course is designed for professionals in the field of information security – including high and middle level managers. The course addresses the main practices against malicious "insiders", creating risks to the information security and business of the organization.
For the purpose of this training course in malicious "insiders" or malicious "insider" means a current or former employee, contractor or business partner who meets the following criteria:
- Has or had authorized access to the network (s) systems and data / information of the organization;
- Deliberately or intentionally exceed authorized access, using this in a way, that violates the confidentiality, integrity and / or availability / accessibility of data / information or information systems of the organization as a whole.

4. Methodology for the development of the documentary part of ISMS in accordance with the requirements of ISO 27001: 2013

The training course is designed to prepare trainees to independently develop, implement and maintain the documentary part of the ISMS in accordance with the requirements of ISO 27001: 2013 and ISO 27002: 2013 recommendations.
During the course discusses the construction sequence of the documentary part of the ISMS, tools for its establishment and a large amount of documents of different types - policies, procedures, instructions, procedures, plans and others.
The methodology is applied repeatedly from organizations that have developed and certified ISMS for the degree of compliance with the requirements of ISO 27001.

5. Methodology for the development of the documentary part of the SMS in accordance with the requirements of ISO 20000-1: 2011

The training course is designed to prepare trainees to independently develop, implement and maintain a documentary of SMS in accordance with the requirements of ISO 20000-1: 2011 and the recommendations of ISO 20000-2: 2012.
During the course discusses the construction sequence of the documentary part of SMS, large amount of documents of different types - policies, procedures, plans and others.
The methodology takes into account the presence or absence of built in organization Quality Management Systems (QMS – ISO 9001) and / or ISMS (ISO 27001) in determining the scope of the documentary of the SMS.


For questions and additional information:

infosecservicebg@gmail.com
+359 886 655 315 - Plamen Kamenov
http://infosecservicebg.wix.com/study-security