This training is offered in the form of face-to-face training.

Description

Introduction

This foundation training course covers the fundamental concepts of information security, cybersecurity and privacy based on ISO/IEC 27002.

Objectives
  • Explain the fundamental concepts of information security, cybersecurity, and privacy based on ISO/IEC 27002
  • Discuss the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks.
  • Interpret the ISO/IEC 27002 organizational, people, physical, and technological controls in the specific context of an organisation.
Target audience
  • Professionals engaged in or responsible for information security management
  • Individuals seeking to gain knowledge about the main processes of an information security management system and information security controls
  • Individuals interested in pursuing a career in information security
Programme
Day 1 : Information Security Management System – ISO 27001/2023 versus ISO 27002/2022 (Information technology — Security techniques — Code of practice for information security controls)
  • Terminology: Management System, Process, Continuous Improvement, Incident, etc.

  • Presentation of ISO 27001 (Information Security Management System) and ISO 2700

  • Context of organisation

    • Tools for the context analysis

    • Internal and external issues

  • Leadership

    • Policy

    • Rules and responsibilities

    • Values

  • Plan

    • Risk Assessment

    • Objectives and Action Plan

  • Support

    • Infrastructure

    • Training and Skills

    • Communication

    • Documented Information

  • Operations

    • Operational Control

    • Interested parties (subcontractors and external parties)

    • Risk treatment

  • Performance

    • Monitoring KPIs

    • Regulatory conformity (GDPR and others)

    • Internal Audit

    • Management Review

  • Continuous Improvement

    • Incidents, nonconformities and corrective actions

Day 2 : People, physical, and technological controls based on ISO 27002: 2022
  •   Clause 5 Organizational (37 controls)

  •   Clause 6 People (8 controls)

  •   Clause 7 Physical (14 controls)

  •   Clause 8 Technological (34 controls)

  •   Appendix A – Using attributes

Workshop : Case Study Exercise
  • Presentation by different groups



Conditions

Course Material

The training material will be handed out at the beginning of the course.

Bibliography: This training uses the standards ISO 27001:2022 Information Security Management Systems and ISO 27002:2022 Information technology — Security techniques — Code of practice for information security controls.

IT Tool : GRCC – Governance Risk Compliance Center


Location
Chambre de Commerce Luxembourg
7, rue Alcide de Gasperi
L-1615 Luxembourg
Luxembourg

Sessions and schedules

  • Mon 28.04.2025

    08:30 to 17:30

    8H

    ISO/IEC 27002 Foundation & Implementation ISO 27001

    Chambre de Commerce Luxembourg

  • Tue 29.04.2025

    08:30 to 17:30

    8H

    ISO/IEC 27002 Foundation & Implementation ISO 27001

    Chambre de Commerce Luxembourg