Description
ISO 27001 is the Global Standard for Information Security. If you're interested in protecting your assets and information against attacks, this is for you! ISO 27001 is a framework for efficient and comprehensive protection of what is vitally important to your business. If you know little about the standard, and want to know more, then this series of short video lectures will help you to understand what is ISO 27001 and what is required to implement it. In these short lectures we talk briefly about the following topics: Scope - What do we mean by Scope in the context of ISO 27001?Risk - You need to measure and control the Risks to your business. We talk about the basics of Risk Analysis. Controls - What controls to you need to put in place to address the risks you have identified. What is meant by Controls? We discuss Mandatory and Optional Controls. Documentation - A very important document in ISO 27001 is the Statement of Applicability. What is it and what does it contain?Documentation - What other documentation is required for ISO 27001? Some are mandatory and some optional. Assets - There are two types of Assets, Digital and Physical. How do you record these in ISO 27001?Measurement - ISO 27001 requires you to measure how effective your controls are. How do you do that?Implementation - We provide information on how best to implement the standard in your organization. What steps are required. Certification - It is not compulsory, but should you choose to certify to the standard, what is involved and how best should you do it?At the end of the course is a short test, and after completing the course you should have a good basic understanding of the Global Standard, the main features and requirements, and some guidance on how to implement it.
