Global > South Africa > Services > Risk Advisory

Material on this website is © 2011 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

ISO 27001 Learning

Key points to achieving ISO 27001 Certification

Course overview

This course was developed by Deloitte Security and Privacy Services, South Africa. This course has been divided into 3 components, namely: Fundamentals, Implementing and Auditing ISO\IEC 27001:2005. Participants will have the option of attending the full course or either of the sections. Our trainers, who are experienced ISO 27001 practitioners, will provide clear explanations and clarification on areas that have caused difficulties for many organisations. Including challenging aspects such as setting the scope, performing the risk assessment and preparing for the auditors. The course adopts a mix of theory, practical exercises and group discussion around the real issues that organisations face in preparing for formal certification.

Who should attend?

The course will benefit staff with responsibility for implementing ISO 27001 including information security practitioners, internal auditors, third party providers and project managers.

Fundamentals of ISO\IEC 27001:2005
Number of Days: 1
This course focuses on:

The ISO 27000 family of standards
Relationship between ISO 27001 and ISO 27002
ISO 27001 Management Clauses
ISO 27002 Controls

Audience
The course is applicable to anyone who wants to gain a basic understanding of this leading international security management standard.
No prior knowledge of ISO 27001 is required.

Course Fee: R 2 950-00 per person*

Implementing ISO\IEC 27001:2005
Number of Days: 1
This course focuses on:

Developing an implementation plan
Developing policies and procedures
Understanding the Statement of Applicability
The importance of Risk Management
Developing metrics for controls
Establishing a security forum

Audience
This course is suited for security professionals who want to implement an ISMS at their organisation.
Participants must have a basic knowledge of ISO 27001/2 or have attended the “Fundamentals” course.

Course Fee: R 2 950-00 per person*

Auditing ISO\IEC 27001:2005
Number of Days: 1
This course focuses on:

Audit planning and preparation
Internal audit requirements
The Stage 1 and Stag 2 Certification Audits
Tips to ensure successful audits and ongoing compliance

Audience
This course is suited for security professionals who want to gain an understanding of the audit requirements when certifying an organisation to ISO 27001.
Participants must have a basic knowledge of implementing ISO 27001/2 or have attended the “”Implementing” course.
Course Fee: R 2 950-00 per person*
*Reduced rate if attending all three ISO 27001 courses: R8 550-00

Course facilitator:
Charl Le Roux
Charl is a Senior Manager with the Security and Privacy Services team of Deloitte.
He specialises in Information Security Management System implementation.
Charl has in-depth knowledge of ISO 27001, the internationally recognised standard for Information Security Management.

He has completed four successful ISO 27001 / BS 7799 Certification projects.