ISO/IEC 27001 – Information Security Management Foundation Training | JFAM Synergy

Do you know how to protect and maintain the information security of your organization? Are you interested in how an organization protects its information and data? The solutions include:

Overview of ISMS requirements

  • ISMS scope, objectives and policy
  • Management review, e.g. input and output
  • Internal audit(s)
  • Monitoring and Review process
  • Continual improvement process

Overview of the Information Security Risk Management process
Overview of ISMS Control Objectives and Controls to reduce the risk

  1. Controls for information security policy, e.g. access control policy, password use…
  2. Controls for organisational information security, e.g. internal, 3rd-party
  3. Controls for asset management, e.g. customer database
  4. Controls for human resource security, e.g. personnel screening
  5. Controls for environmental and physical security, e.g. entrance control
  6. Communications and operational security, e.g. network use policy
  7. Access controls, e.g. accounting, authentication, authorization
  8. Controls for information system acquisition, development and maintenance, e.g. software system security requirements, maintenance
  9. Controls for information security incident management, e.g. event monitoring, reporting and analysis
  10. Controls for business continuity management, e.g. BCPs (business continuity plan(s)) for IT services, recovery exercises
  11. Controls for legal and technical compliance, e.g. IPR (intellectual property rights), Personal Data Protection Law


In ONE day, this Professional CERT certified course will introduce you to “WHAT” the best practices of information security management are according to the latest international standard, ISO/IEC 27001.


This course is suitable for:

  • Those who wish to understand the good practice of Information Security Management System (ISMS) in accordance with ISO/IEC 27001
  • Those involved in the use of IT operations, administration and management
  • Consultants who wish to provide advice on ISO/IEC 27001 implementation
  • Information security, legal compliance and Management professionals
 No prior knowledge is required.



A combination of tutorials and syndicate exercises including the following topics:

  • ISMS framework and requirements
  • ISMS related standards and best practices
  • How to establish an Information Security Management System (ISMS)
  • Information security risk management process
  • Information security incident handling
  • Information security business continuity
  • Legal and Technical compliance



  • Improve the information security management skills
  • Improve the overall awareness of information security management on technical and legal compliance
  • Improve the overall information security management concept of the organisation


Recognised & Certified by:


Visit IRCA at


You can choose whether you would like to attend one of our scheduled public courses or have it delivered on your premises as an in-company solution.

Contact:  for more information