ISO/IEC 27001 formally specifies an Information Security Management System (ISMS), a governance arrangement comprising a structured suite of activities with which to manage information risks (called information security risks in the standard). The ISMS is an overarching framework through which management identifies, evaluates, and treats (addresses) the organization's information risks.

An ISMS preserves the confidentiality, integrity, and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.

This course will cover:
· Introduction
· ISO/IEC 27001
· Quiz