ISO 27001 Lead Implementer Course
This free course will teach you how to become an independent consultant for the implementation of Information Security Management Systems using the ISO 27001 standard. This course was created to help novice users learn the standard and build their business. The course includes a certificate, approved by ASIC, which proves your expertise in the standard and enhances your consulting practice, as most organizations seek out certified consultants.
This course is divided into three sections:
- A video library: stores lectures and information on how to write procedures and documents required for the standard.
- An interactive workshop: helps you practice the concepts necessary for implementing the standard.
- Certification exam: upon successful completion of the exam, you will get a certificate and a badge for your LinkedIn profile to highlight your qualifications.

Dejan Kosutic & Garry Cornell
Course language: English
Course Curriculum
Introduction
Introduction to the course | 00:00:00
Module 1 - Introduction to ISO 27001
Introduction & suggested reading | 00:00:00
What is ISO 27001? | 01:30:00
The structure of ISO 27001 | 02:30:00
Information security principles | 02:30:00
Introduction to the Information Security Management System | 02:30:00
Implementing ISO 27001 requirements | 03:00:00
Implementing ISO 27001 as a project | 01:30:00
Documenting ISO 27001 requirements | 03:30:00
ISO 27001 Benefits | 02:30:00
ISO 27001 Benefits – Real-life exercise | 00:00:00
Related documentation | 00:00:00
Certification FAQs | 00:00:00
Recap quiz | 00:00:00
Module 2 - The planning phase
Introduction & suggested reading | 00:00:00
Understanding your organization and its context [clause 4.1] | 02:30:00
Understanding the needs and expectations of interested parties [clause 4.2] | 02:00:00
Determining the scope of the ISMS [clause 4.3] | 02:00:00
Leadership and commitment [clause 5.1] | 02:00:00
Information Security Policy [clause 5.2] | 01:00:00
Organizational roles, responsibilities and authorities [clause 5.3] | 02:30:00
Information security objectives [clause 6.2] | 02:30:00
Resources [clause 7.1] | 02:00:00
Competence [clause 7.2] | 01:30:00
Awareness [clause 7.3] | 01:30:00
Communication [clause 7.4] | 01:30:00
Documented information [clause 7.5] | 03:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 3 - Risk management
Introduction & suggested reading | 00:00:00
Addressing risks and opportunities [clause 6.1.1] | 02:00:00
Risk management process [clause 6.1.2] | 02:30:00
Information security risk assessment – Risk identification [clause 6.1.2] | 03:00:00
Exercise: Information security risk assessment – Risk identification | 00:00:00
Information security risk assessment – Risk analysis and evaluation [clause 6.1.2] | 03:00:00
Information security risk treatment [clause 6.1.3] | 03:00:00
Statement of Applicability [clause 6.1.3] | 02:00:00
Risk treatment plan [clause 6.1.3] | 00:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 4 - The Do phase
Introduction & suggested reading | 00:00:00
Formulating the risk treatment plan [clause 6.1.3] | 02:00:00
Implementing the risk treatment plan [clause 8.3] | 01:30:00
Operational planning and control [clause 8.1] | 02:30:00
Operating the ISMS [clause 8] | 01:00:00
Managing outsourcing of operations [clause 8.1] | 02:30:00
Controlling changes [clause 8.1] | 02:30:00
Risk assessment review [clause 8.2] | 02:00:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 5 - The Check and Act phases
Introduction & suggested reading | 00:00:00
Monitoring, measurement, analysis, and evaluation [clause 9.1] | 04:00:00
Internal audit [clause 9.2] | 03:00:00
Management review [clause 9.3] | 03:00:00
Nonconformities and corrective actions [clause 10.2] | 04:30:00
Continual improvement [clause 10.1] | 02:30:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 6 - Overview of Annex A
Introduction & suggested reading | 00:00:00
Introduction to Annex A | 00:00:00
People controls | 00:00:00
Physical controls | 00:00:00
Technological controls – overview and new controls | 00:00:00
Technological controls – software development | 00:00:00
Technological controls – operational security | 00:00:00
Organizational controls – policies and responsibilities | 00:00:00
Organizational controls – information and asset management | 00:00:00
Organizational controls – operational security | 00:00:00
Organizational controls – supplier security | 00:00:00
Organizational controls – incidents and business continuity | 00:00:00
Organizational controls – compliance, privacy, and legal aspects of security | 00:00:00
Related documentation | 00:00:00
Recap quiz | 00:00:00
Module 7 - Getting the project approved
Introduction & suggested reading | 00:00:00
What is your situation? | 00:00:00
For consultants: Get more sales meetings with prospects | 00:00:00
How to get the interest of top management in your project? | 00:00:00
How to present the project | 00:00:00
Other techniques for presenting the project | 00:00:00
For consultants: Writing a great proposal | 00:00:00
Recap quiz | 00:00:00
Module 8 - Prepare for the implementation
Introduction & suggested reading | 00:00:00
Define the scope of the project | 00:00:00
Key stages of the project | 00:00:00
Tips for project management | 00:00:00
Estimating the project | 00:00:00
Communication | 00:00:00
Use of tools | 00:00:00
Define roles and responsibilities | 00:00:00
Project manager beware | 00:00:00
Project documentation | 00:00:00
Write a Project Plan | 00:00:00
Kick-off meeting | 00:00:00
Recap quiz | 00:00:00
Module 9 - Implementation of a management system
Introduction & suggested reading | 00:00:00
Executing the project work | 00:00:00
Work assignment | 00:00:00
Managing work assignments and resources | 00:00:00
Enabling smooth project execution | 00:00:00
Gathering information and recommending changes | 00:00:00
Introducing documentation and changes in day-to-day use | 00:00:00
Overcoming the resistance to change | 00:00:00
Recap quiz | 00:00:00
Module 10 - Monitor, control and completing the project
Introduction & suggested reading | 00:00:00
Verifying and issuing a status report | 00:00:00
Communication about the project status | 00:00:00
Monitor and control meeting | 00:00:00
Internal audit | 00:00:00
Management review purpose | 00:00:00
Management review preparation and execution | 00:00:00
Acceptance and implementation closure | 00:00:00
Recap quiz | 00:00:00
Module 11 - Taking the organization for the certification
Introduction & suggested reading | 00:00:00
Go for certification or not? | 00:00:00
Choose a certification body | 00:00:00
Certification process | 00:00:00
Stage 1 and Stage 2 audits | 00:00:00
Prepare the certification audit | 00:00:00
Logistics of the certification audit | 00:00:00
Preparing your people for the certification audit | 00:00:00
What to expect from the certification auditors | 00:00:00
After the certification audit | 00:00:00
Recap quiz | 00:00:00
Module 12 - Maintaining the certification
Introduction & suggested reading | 00:00:00
Keeping the certification | 00:00:00
Improving the management system | 00:00:00
Top management leadership and example | 00:00:00
Keep the management system updated | 00:00:00
Until the next surveillance audit | 00:00:00
What is the surveillance audit | 00:00:00
Recap quiz | 00:00:00
Instructions for taking the exam and obtaining the certificate | 00:00:00
Access to the video lectures section of the course is free, so you can obtain all this knowledge at zero cost. The videos are organized into 12 separate modules, with each containing several videos and quizzes to aid your learning, plus a recap quiz that will give you an idea of the types of questions you may see on the certification exam. You may view a list of the module contents in the curriculum above. The video lectures have all been recorded, allowing you to watch them at your convenience, anywhere you like.
This course was created by Carlos Cruz, a veteran consultant of 30 years with experience in leading a variety of companies and organizations in their implementation efforts.
There are two instructors for this course. Garry Cornell has global experience as a senior manager, certification auditor, and consultant helping a wide range of businesses in their implementations of various ISO standards. Dejan Kosutic has extensive experience with information security management systems according to ISO 27001 as a trainer, consultant, and ISO 27001 Lead Auditor. He has authored dozens of articles on leading ISO blogs, as well as the ISO 27001 Documentation Toolkit.

Type: Online video lectures
Course language: English
We don’t expect you to learn all of the skills you need to implement an ISO 27001 information security management system in a series of video lectures, so we developed a supplemental workshop to enhance your learning. You can attend this one-day interactive workshop remotely via webinar. The purpose of the workshop is to help you develop the real-life skills needed in an ISMS implementation, using case studies, role playing, etc. You’ll also have the opportunity to develop soft skills helpful in the certification exam and in your new role as a consultant.
Check out the times of our live online workshops to find one that fits your schedule. You can attend from your home or workplace.

Duration: 1-day workshop
Type: Online webinar
Once you have watched all of the video lectures, completed the quizzes, and attended the interactive workshop, you may access the certification exam. This is the final step in your certification journey, and because it is online, you may take it at a time and place convenient to you.
Upon successful completion of the examination, you will be presented with a certificate that formally states your competence as an ISO 27001 consultant.
The ISO 27001 Lead Implementer exam fee is already included in the price of the workshop, so you’ll have instant access once your workshop is booked and paid for.

Number of questions: 40
Type: Online proctored exam
After registering for the workshop and examination, we will send you a link to a bonus series of video tutorials designed to help you with ISO 27001 documentation for an information security management system. These tutorials will provide guidance on how to complete the core documents required by ISO 27001, making them invaluable to a new ISO 27001 consultant.
You’ll have comprehensive, step-by-step guidance for completing the Information Security Policy, Information Security Manual, Information Security Objectives, Scope of the Information Security Management System, and the other required documentation for your ISO 27001 implementation project.

Number of tutorials: 17
Tutorials language: English
Benefits of getting the certificate
A certificate of competence proves that you attended the eTraining course and that you passed the exam certified by ASIC. This ensures that you understand and can apply the implementation knowledge you gained in each of the course's modules.
How to get certified?
It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Attend the workshop.
3) Pass the online exam.
Bonuses with the certificate
Once you purchase the certificate, you will receive the following bonuses:

SECURE & SIMPLE: A Small-Business Guide to Implementing ISO 27001 On Your Own (eBook)
The plain English, step-by-step handbook for information security practitioners.
In this book, Dejan Kosutic, an author and experienced information security consultant, is giving away all his practical know-how on successful ISO 27001 implementation. No matter if you’re new or experienced in the field, this book gives you everything you will ever need to implement ISO 27001 on your own.

Course Script (PDF)
If you decide to purchase the exam you will get the PDF script from the course completely free. The script includes everything said in the videos and all quizzes.
This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Free exam retake
Once you purchase the exam, you will be able to retake it.
This means, if you do not pass the exam on your first attempt, you can retake it one time, free of charge.
There is no mandatory waiting period between the two attempts.

Practice Exam
With the purchase of the exam, you get access to practice exams. You can use these exams to test your knowledge and familiarize yourself with the exam environment.
The results from the practice exam do not have any effect on the results of the final exam.


Course Reviews
Frequently Asked Questions
There is no time limit, so you can take as long as you need to watch the video lectures. We do, however, recommend that you watch them all within 3–4 weeks so that you get the most benefit from them.
You may access the video lectures at any time. Because the lectures section is made up of pre-recorded video lectures and freely available practice quizzes, reading, and other resources, you may access them whenever it is convenient.
You don’t need any prior knowledge or experience in the implementation – this course was designed so that a beginner to these topics will understand it.
We have to pay for all of our great resources somehow :). Our video lectures are freely available, but there is a fee required to attend the workshop, take the certification exam, and receive the certificate – but, this fee is highly discounted compared to what you would pay to attend a comparable course in a classroom. In addition, when you pay for the workshop, we will send you a download link to a PDF containing scripts from all of the video lectures, plus practice quizzes, practice tests, and links to extra reading materials. Having access to all of the content from the video lectures will make it much easier to prepare for your workshop and certification exam. You will also be able to access the video tutorials to learn how to write the information security management system documents required by ISO 27001.
To participate in the online workshop, we will send you a special link to connect to Zoom. All you need is a computer with a microphone and speakers.
Completion of all of the video lectures is the only prerequisite.
The certification exam may be taken online, from anywhere. To make this possible, we employ an online proctoring service. Click here to learn more.
After watching all of the video lectures and completing the workshop, you may take the certification exam. If you earn a passing score, you will be issued the certificate. Please note that during the exam, an online proctoring service will verify your identity and ensure that you take the exam without assistance. Click here to learn more about our online proctoring service.
All you need to access the course is your PC, Mac, or mobile device, any major browser (Chrome, Firefox, Internet Explorer, Safari, etc.), and a broadband Internet connection. And, of course, plenty of available time to devote to the course.
The course materials (video lectures, quizzes, reading materials, practice exams, and other resources), along with the skills you learn from the workshop, are all you need to successfully pass the certification exam and receive your certificate.
With your purchase of the certification exam, in addition to having access to the workshop, you will also gain access to a bonus PDF of all the scripts from the video lectures, all of the course questions, readings, access to the practice exams, and a library of video tutorials to guide you through implementation of the mandatory information security management system documentation for ISO 27001.
To learn what ISO 27001 Lead Implementer training looks like, see this article.