All organisations need to be aware of Information Security because new General Data Protection Regulations (GDPR) were recently introduced. Your organisation should protect people's personal data by putting safeguards into place; therefore, you must have a Data Protection plan. Implementing the new changes may feel like trying to navigate a minefield; however, we can offer training in information security management.
ISO 27001 is an international standard for Information Security which takes a business risk approach by creating a framework for managing threats. We can provide training courses for your organisation to help all staff manage your information security system.
A Risk Management System
You should identify the information security risks in your organisation's activities so that you can plan how your organisation will deal with them.
An ISO 27001 system includes your organisation's staff screening and disciplinary policies, and its procedures for identifying and managing suppliers with access to your organisation's information. You can use these policies to manage information security risk.
You can review legal and other requirements placed on the organisation as part of ISO 27001. This is becoming more relevant as Data Protection Laws are evolving across Europe, America and the world.
You should look for continual improvement of the system by setting measurable, achievable objectives. The vulnerabilities identified in the risk assessment or more general business strategy may drive improvements.
Training is a great way to help fill in the gaps in employees’ knowledge, thereby ensuring your organisation is fully aware of the requirements and legal implications. You can choose from online e-learning courses or face-to-face, classroom, on-site and venue-based training sessions. We can create bespoke Information Security training for your organisation, or you can choose from our range of ready-made courses. Topics include:
- Information Security (ISO 27001)
- Data Protection / GDPR
- Cyber Essentials
- Access Control
- Cyber Security
For an example of a basic online training course, see https://digital.lorators.com/courses/iso-27001-awareness-employees/