ISO/IEC 27001
Information Security Management Systems
Master the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001. This intensive 5-day course prepares you for international certification with practical risk assessment and control implementation.
Upcoming Dates
Jun 8-12, Jul 13-17, Aug 10-14
Duration
5 Days | 40 Hours
Location
Nairobi, Kenya
Certification
ISO 27001 Foundation/Implementer
What You’ll Learn
Core competencies for ISMS implementation
ISMS Framework
ISO 27001 structure, PDCA model, and documentation
Risk Assessment
Methodologies, asset valuation, and treatment plans
Annex A Controls
114 controls across 14 domains
Performance Metrics
KPIs, monitoring, and continual improvement
Internal Audit
Audit planning, execution, and reporting
Legal Compliance
GDPR, data protection, and regulatory alignment
Leadership & Culture
Top management commitment and security awareness
Incident Management
Response, business continuity, and disaster recovery
Course Modules
Comprehensive 5-day curriculum
Module 1: ISMS Context
Organizational context, stakeholders, scope definition
Module 2: Leadership & Policy
Management commitment, security policy, roles
Module 3: Risk Assessment
Risk identification, analysis, evaluation methodologies
Module 4: Risk Treatment
Control selection, Statement of Applicability
Module 5: Annex A Controls
Access control, cryptography, physical security
Module 6: Operations
Change management, capacity, malware protection
Module 7: Evaluation & Audit
Monitoring, measurement, internal audit program
Module 8: Improvement & Certification
Nonconformities, corrective actions, certification process
Course Schedule
5-day intensive program (Mon-Fri)
Day 1
Monday
Introduction to ISO 27001
ISMS fundamentals, high-level structure, context establishment
Day 2
Tuesday
Risk Assessment Workshop
Asset inventory, threat analysis, risk calculation methods
Day 3
Wednesday
Annex A Controls Deep Dive
Implementation guidance for all 14 control clauses
Day 4
Thursday
Internal Audit & Monitoring
Audit techniques, evidence collection, reporting
Day 5
Friday
Certification Exam Prep & Review
Mock exam, Q&A, and final assessment
Target Audience
IT Managers, Security Officers, Compliance Officers, Risk Managers, Internal Auditors, Consultants, and anyone responsible for implementing or managing information security.
Requirements
A basic understanding of information security concepts is recommended. No prior ISO 27001 knowledge is required. English proficiency is essential.
What’s Included
Complete learning package
Course Materials
Digital study guide & presentation slides
Case Studies
Real-world ISMS implementation examples
Risk Toolkit
Templates for risk assessment & SoA
Refreshments
Lunch & coffee breaks included
Certificate
Official course completion certificate
Exam Voucher
Optional certification exam (extra)
Post-course Support
3 months email consultation
Networking
Connect with industry peers
Secure Your Seat Today
An early bird discount is available until 30 days before the course start date.