What you will learn

• Understand system scope, boundaries, documentation, and the needs of interested parties.
• Learn leadership commitment, clear roles, and the importance of an Information Security Policy.
• Conduct and document risk assessments, and monitor objectives.
• Identify necessary resources and enhance understanding of ISMS requirements.
• Control processes and services, and implement risk treatment plans.
• Evaluate performance, conduct internal audits, and ensure auditor objectivity.
• Emphasise continuous improvement, nonconformity, and corrective action.
• Analyse Annex A controls, including Organisational, People, Physical, and Technological Controls.
• Transition from ISO 27001:2013 to ISO 27001:2022.