top of page
Data Processing
Certified Information Security Management Implementer (ISO 27001)
Target Students

  • IT Security Managers

  • Compliance Officers

  • Information Security Professionals

  • Risk Management Professionals

  • IT Auditors

  • Any professional involved in implementing and managing information security systems

Duration : 5 Days (40 hours of instruction)
Learning Objectives

  • Understand the principles and requirements of ISO 27001.

  • Learn how to establish, implement, maintain, and continually improve an Information Security Management System (ISMS).

  • Gain knowledge of the risk assessment and treatment processes in the context of ISO 27001.

  • Develop skills to manage and mitigate information security risks.

  • Understand the certification process for ISO 27001 compliance.

  • Learn how to conduct internal audits and manage non-conformities.

Exam Codes
 

  • CISMI-01 (Certified Information Security Management Implementer - Fundamentals)

  • CISMI-02 (Certified Information Security Management Implementer - Advanced)

Exam Formats
 

  • Multiple choice questions

  • Case study analysis

  • Scenario-based questions

Exam Duration
 

  • 90 minutes for each exam

Exam Options
 

  • Online proctored exam

  • On-site exam at accredited testing centers

Passing Score
 

  • 70% for certification

Course Outline
 

  • Introduction to ISO 27001

    • Overview of ISO 27001 and its significance

    • Key principles and terminology

    • Structure and requirements of the ISO 27001 standard

    • Overview of the Plan-Do-Check-Act (PDCA) model in ISMS

  • Establishing an Information Security Management System (ISMS)

    • Understanding the organizational context

    • Defining the scope of the ISMS

    • Developing an ISMS policy

    • Roles and responsibilities in ISMS implementation

  • Risk Assessment and Treatment in ISO 27001Overview of risk management processes

    • Conducting risk assessments in accordance with ISO 27001

    • Identifying and evaluating information security risks

    • Developing and implementing risk treatment plans

    • Risk acceptance and residual risk management

  • Implementing Security Controls

    • Overview of Annex A controls in ISO 27001

    • Implementing technical, physical, and administrative controls

    • Access control measures and identity management

    • Cryptographic controls and secure communication

    • Incident management and response planning

  • Maintaining and Improving ISMS

    • Monitoring and measuring the effectiveness of ISMS

    • Internal audit processes for ISO 27001 compliance

    • Handling non-conformities and implementing corrective actions

    • Continuous improvement and updating the ISMS

  • ISO 27001 Certification Process

    • Steps to achieve ISO 27001 certification

    • Preparing for certification audits

    • Managing the certification audit process

    • Understanding certification bodies and accreditation

  • Case Studies and Practical Implementation

    • Real-world examples of ISO 27001 implementation

    • Lessons learned from successful ISMS implementations

    • Common challenges and solutions in achieving ISO 27001 compliance

  • Future Trends in Information Security Management

    • Emerging threats and their impact on ISMS

    • Adapting ISO 27001 to new technologies (e.g., cloud computing, AI)

    • Preparing for future changes in the ISO 27001 standard

Target Students
 

  • CISMI-01 (Certified Information Security Management Implementer - Fundamentals)

  • CISMI-02 (Certified Information Security Management Implementer - Advanced)Human Resource professionals

  • Team leaders and managers

  • Compliance officers

  • Employees in all sectors looking to enhance ethical practices in the workplace

Course Duration
 

  • 3 days (24 hours of instruction)Learning ObjectivesUnderstand the principles of workplace ethics and their importance in fostering a positive organizational culture.

  • Learn about the key components of a robust code of conduct and how to implement them effectively.

  • Identify and address common ethical dilemmas in the workplace.Develop skills for promoting ethical behavior and compliance within teams and across the organization.

  • Gain knowledge of legal and regulatory frameworks related to workplace ethics and conduct.

Certified Workplace Ethics and Code of Conduct
Exam Codes
 

  • CWE-001: Ethics Principles and Code of Conduct Essentials

  • CWE-002: Legal Frameworks and Regulatory Compliance

Exam Duration
 

  • Each exam: 90 minutes

Exam Formats
 

  • Multiple-choice questions

  • Scenario-based questions

  • Short answer questions

Exam Options
 

  • Online proctored exams

  • In-person at authorized testing centers

Exam Options
 

  • Online proctored exams

  • In-person at authorized testing centers

Course Outline

Introduction to Workplace Ethics
 

  • Definition and Importance of Ethics in the Workplace

    • Understanding workplace ethics

    • The role of ethics in organizational success

    • Impact of unethical behavior on businesses

  • Core Ethical Values

    • Integrity, honesty, and fairness

    • Respect and empathy in the workplace

    • Responsibility and accountability

  • Creating an Ethical Culture

    • Leadership's role in promoting ethics

    • Developing an ethical framework within the organization

    • Case studies of ethical and unethical workplaces

Passing Score
 

  • 70% for certification

Understanding and  Implementing a Code of Conduct
 

  • Elements of a Code of Conduct

    • Key components of an effective code of conduct

    • Customizing the code for your organization

    • Communicating the code of conduct to employees

  • Legal and Regulatory Considerations

    • Overview of relevant laws and regulations (e.g., anti-discrimination laws, harassment policies)

    • Ensuring compliance with industry standards

    • Reporting mechanisms and whistleblower protections

  • Addressing Ethical Dilemmas

    • Identifying potential ethical issues in the workplace

    • Approaching and resolving conflicts of interest

    • Role-playing scenarios to practice ethical decision-making

Promoting and Enforcing Workplace Ethics
 

  • Training and Development

    • Designing effective ethics training programs

    • Ongoing education and reinforcement of ethical practices

  • Monitoring and Enforcement

    • Establishing oversight mechanisms to ensure adherence

    • Handling violations of the code of conduct

    • Disciplinary actions and consistency in enforcement

  • Evaluating and Updating the Code of Conduct

    • Continuous improvement of ethical standards

    • Gathering feedback and making necessary revisions

    • Best practices for maintaining an up-to-date code of conduct

Final Review and Preparation for Certification Exams
 

  • Review Session

    • Recap of key concepts and principles covered during the course

    • Exam preparation tips and practice questions

  • Q&A Session

    • Addressing any remaining questions or concerns

    • Guidance on next steps after certification

Original Logo.png

1487 Chain Bridge Rd, McLean,

VA 22101, USA

certification[at]cerns.org

NAVIGATION

HOME

ABOUT US

CERTIFICATION

RESOURCES

STAY CONNECTED

CONTACT US

JOIN OUR MAILING LIST

CERNS @2024. All Right Reserved.

bottom of page