Understanding the Requirements of ISO/IEC 27001:2022 and VDA ISA TISAX Live-Online
This one-and-a-half-day course was developed to cover all requirements of the ISO/IEC 27001:2022 standard. The course includes definitions from ISO/IEC 27000:2018 (Information Security Management Systems – Overview and Vocabulary) and guidance from ISO/IEC 27003:2017 (Information Security Management System Implementation and Guidance).
Within this course, you'll learn to:
- Understand the application of Information Security Management principles in the context of ISO/IEC 27001:2022.
- Relate the Information Security Management system to the organizational products, services, activities and operational processes.
- Relate the organization’s context and interested party needs and expectations to the planning and implementation of an organization’s Information Security Management system.
This seminar is designed for:
- Senior Managers
- Engineers
- Consultants
- Individuals wanting to develop competency in ISO/IEC 27001:2022
- Management Representatives
- Individuals responsible for cybersecurity industry
Day One:
- Introduction and Welcome
- What is TISAX and Why Do We Need an Information Security Management System?
- Expectations of Interested Parties
- Introduction to the VDA Information Security Assessment workbook
- TISAX Requirements – Shoulds, Musts and Shalls
- Attainment of Maturity Levels
- A Look at Related ISO/IEC 27001:2013 ISMS Clauses and Requirements
- Additional (Good to Know) Information for Implementation
Day 1.5:
- The ISO Standards Explained
- Introduction to ISO/IEC 27001:2013 and Key Terms from the ISO 27000:2014 – Overview and Vocabulary
- ISO/IEC 27001:2013 Requirements Including Applicable Guidance from ISO 27003:2017
- Group Exercise: Context of the Organization
- Group Exercise: Interested Parties
- Group Exercise: Audit Scenarios
- Group Exercise: IT Security Controls
- Understanding ISMS Final Exam