ISO 27001: The fundamentals

Objectives

  • Understand the ISO 27001:2022 framework and its requirements.
  • Learn the ISO certification process.
  • Become familiar with the PDCA cycle for continuous improvement.
  • Master key clauses and controls of ISO 27001.
  • Gain insights into best practices through ISO/IEC 27002:2022.

Day 1 – Morning

  • Introduction to ISO standards and the ISO 27000 family.
  • Overview of the ISO 27001 certification process, including its steps and strategic benefits.
  • Key concepts of information security and effective management of an Information Security Management System (ISMS).

Day 1 – Afternoon

  • Detailed examination of the essential clauses of ISO/IEC 27001:2022, focusing on their structure and objectives.
  • Introduction to risk management methodologies, including identifying, assessing, and addressing risks.

Day 2 – Morning

  • Understanding and applying the PDCA (Plan-Do-Check-Act) cycle for continuous improvement within an ISMS.
  • Review of mandatory security measures and their practical implementation.

Day 2 – Afternoon

  • Exploration of best practices for information security based on ISO/IEC 27002:2022, including guidance for implementing security controls.
  • Practical exercises, case studies, and real-world scenarios to reinforce learning and provide actionable insights for participants.

Throughout the training, participants engage in interactive workshops and group discussions, ensuring a hands-on learning experience tailored to real-world applications.

No experience in computer security is required. A basic understanding of information security concepts would be beneficial.

The following elements will be provided:

  • Training slides and documentation on ISO 27001 fundamentals
  • Practical exercises on risk analysis and PDCA cycle integration
  • Case studies on implementing security measures
  • A review of ISO/IEC 27002:2022 best practices

This training targets any professional interested in understanding ISO/IEC 27001 certification and security governance, in particular auditors and consultants involved in security management systems, compliance officers, and risk or IT managers.

  • Interactive presentations
  • Hands-on workshops (risk analysis, PDCA cycle)
  • Case studies and real-world scenarios
  • Group discussions and Q&A sessions

Assessments at the beginning and end of the course, quizzes …

5 working days before the course start date (if financed by OPCO).

A training certificate complying with the provisions of Article L. 6353-1 paragraph 2 is issued to the trainee.
