ISO 27799 Foundation


ISO 27799 provides guidelines for organizational information security standards and information security management practices, including, but not limited to, the selection, implementation and management of controls, taking into consideration the organization’s information security risk environments. This standard provides guidelines to support the implementation of information security controls in healthcare organizations based on ISO/IEC 27002.

By following the guidelines of this international standard, healthcare organizations will be able to maintain a level of security that is suitable to their conditions and will help to ensure the availability, integrity and confidentiality of their personal health information. Basically, ISO 27799 serves as a tool to protect personal health information. 

ISO 27799 Foundation training enables you to learn the basic elements of Information security management and Information Security Controls in healthcare organizations as specified in ISO 27799 and ISO/IEC 27002. During this training course, you will be able to understand how ISO 27799 is related to ISO/IEC 27001 and ISO/IEC 27002.

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO 27799 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies and management approach.

Duration: 02 days
  • Understand the operations of an Information Security Management System based on ISO/IEC 27001 
  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
  • Understand an auditor’s role: to plan, lead and follow up on a management system audit in accordance with ISO 19011
  • Learn how to lead an audit and audit team
  • Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
  • Acquire the competencies of an auditor: to plan an audit, lead an audit, draft reports, and follow up on an audit in compliance with ISO 19011
Intended Audience: 
  • Individuals interested in Information Security Management applicable to the healthcare industry
  • Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls relevant to healthcare organizations
  • Individuals interested in pursuing a career in Information Security Management
Course outline:
  1. Day 1: Introduction to ISO 27799, ISO/IEC 27002 and Information Security Management System
  2. Day 2: ISO 27799 and ISO/IEC 27002 Controls and Certification Exam
  • Online learning

  • Study in Ho Chi Minh City

  • Study in Hanoi
