ISO 27001 Training Courses

smiahsmiah Member Posts: 25 ■□□□□□□□□□
Hi,
I'm from Manchester, U.K. Looking for nearby good training courses for ISO 27001, Internal Audit and Implementation.
Due to the financial crisis my company will only provide books!! Looks like I'll have to fork out my own hard working money for the courses!!!

Can anybody comment: is reading books / practical guides as good as attending training courses?? What are the pros & cons??

I also want to be certified in this field, can anyone send info on which exams to take?

I have been working in I.T. for the last 10 years, working on systems management including security, and have 2x MCSEs.


Please help

Comments

  • JDMurrayJDMurray Admin Posts: 13,101 Admin
    smiah wrote: »
    I also want to be certified in this field, can anyone send info on which exams to take?
    I do not believe that there are any IT certifications specifically for ISO 27001 auditors. I attended an ISO 27001 presentation a few weeks ago given by an auditor who specializes in 27001, and in his long list of certs I didn't see anything I didn't recognize. I would say the closest thing he had to auditing certs were the CISA, CISSP-ISSAP, and CISSP-ISSMP. There are probably a few ISO 27001 training providers that have their own "certification" for passing their courses.
  • eMeSeMeS Member Posts: 1,875 ■■■■■■■■■□
    The only thing that I really know of that is targeted as a specific auditor cert for this is the HISP, offered by BSI:

    Holistic Information Security Practitioner (HISP) certification: Five day course

    Industry knowledge of this, or expectations for it, are fairly low at this point.

    For courses in your area, again I would look to BSI, specifically here: Information Security Training Courses

    As has been mentioned here before, you also have the option of the certifications offered by Exin here: ISO/IEC 27000 - EXIN Exams

    I don't know of any classes at the moment geared around the Exin certifications.

    MS
  • sexion8sexion8 Member Posts: 242
    Security University offers training for the ISO 27001 certification from RABQSA, both linked...

    Security University - Certified ISO 27001 Implementation Course
    RABQSA International : Personnel and Training Certification

    eMeS: HISP is slowly coming along; however, they've focused on 27002 (management), whereas a company can never be ISO 27002 certified ;) Becoming HISP doesn't necessarily mean you have to truly know and understand 27001.

    27001 leads to certification (mandatory (You must)... you followed ISO's guidelines)
    27002 “Information technology - Security techniques - Code of practice for information security management” (you practice good habits, theoretical ... advisable... you should)
    "Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius
  • JDMurrayJDMurray Admin Posts: 13,101 Admin
    sexion8 wrote: »
    27002 “Information technology - Security techniques - Code of practice for information security management” (you practice good habits, theoretical ... advisable... you should)
    What NIST refers to as "guidelines" and is more commonly known as "best practices."
  • smiahsmiah Member Posts: 25 ■□□□□□□□□□
    Can anyone recommend a good book on ISO 27001 "Internal Audit"
    easy step-by-step practice guide.

    Any links will be appreciated
    thanks
  • QMSUKQMSUK Registered Users Posts: 1 ■□□□□□□□□□
    smiah wrote: »
    Can anyone recommend a good book on ISO 27001 "Internal Audit"
    easy step-by-step practice guide.

    Any links will be appreciated
    thanks

    There are quite a few ISO 27001 books out there, Smiah. However, you will greatly benefit from a one-to-one ISO 27001 training course. Whereabouts are you based?