Implementing an ISMS for Operators of Essential Services (OES): Improving the information security posture
€1,560.00 excl. VAT
IT and ISMS Specialist, Consultant and Project Manager with 19 years of professional experience in the field of cyber security for the energy sector, banks, insurances, public authorities, transportation industry as well as for the IT and Internet industry. ISMS Lead Auditor and Information Security Officer (ISO) with profound hands-on professional experience in the development, implementation, operation and auditing of ISMS with several key-certificates (CISSP, CRISC, Lead Auditor 27001 and 20000, etc.).
The high amount of information and the low-security level within critical processes, put at risk the productivity of the organizations and the security of the processed information managed by Operators of Essential Services (electricity, oil and gas, distribution system operators, industrial system operators, entities from the air and railway transportation sector, health care, drinking water suppliers). Measures to improve your security level are needed to combat threats. Organizational and technical measures need to be employed to establish a good level of security. For systems to remain secure, however, security posture must be evaluated and improved continuously. Establishing such process that will support these ongoing improvements is essential in order to maintain your security level. Experience has shown that implementing Information Security Management System (ISMS) according to internationally recognizable information security standard ISO 27001 is a very good approach to accomplish that mission. Companies obtaining the ISO/IEC 27001 certification have indirect proof that they meet the mandatory regulatory requirements imposed by the legal system under which they perform their activities. The increasing trend is for them to decide to implement an Information Security Management System (ISMS) due to industry-specific requirements or in order to build the trust of their customers.
With rich experience in the Energy and Industrial sector, we are offering our knowledge and expertise during this 3-day in-depth training, covering all clauses and controls in the ISO 27001 standard. We will be discussing:
- Securing executive support and set the objectives
- Defining the scope of the system
- Evaluating assets and analyzing the risk
- Defining the Information Security Management System
- Competencies of the ISMS Roles
- Best practices in the development and the implementation phases
- Maintaining the ISMS, monitoring and continuously improvement process
- ….. and a lot more
Professionals who are:
- Working to implement or maintain an ISMS within an organization
- Required to audit an ISMS and are required to have a basic understanding of the standard
- Working within an organization with an ISMS, whether the organization is already certified or is considering certification to ISO/IEC 27001.
Targeted at quality managers, other executives, managers and supervisors, business process owners, program and project managers, assessors, consultants.
Please note that the mentioned dates are subject to change if the required number of participants is not met. If interested in the training courses but the proposed dates do not suit your schedule and would like to be enrolled on a waiting list, or if you would like a dedicated session for your team (on-demand), please get in contact at firstname.lastname@example.org.