Iso 27001
Replicon
Posts: 124Member ■■■□□□□□□□
My company is looking to get ISO 27001 certified, and I have to lead that project.
I was wondering if you can recommend any specific training (I am based in Canada) that I can take or certification I can pursue that will help me in the implementation stage. The training does't have to be in a classroom... I'd prefered online as my employer does not have to play, probably wont
, for travel and hotel.
I was able to find two courses here https://training.advisera.com/ , have not watched them yet so I cant say how good they are.
When I was searching for certification, there was GIAC G2700 but that is retired. Any suggestions will be much appreciated.
I was wondering if you can recommend any specific training (I am based in Canada) that I can take or certification I can pursue that will help me in the implementation stage. The training does't have to be in a classroom... I'd prefered online as my employer does not have to play, probably wont
, for travel and hotel.I was able to find two courses here https://training.advisera.com/ , have not watched them yet so I cant say how good they are.
When I was searching for certification, there was GIAC G2700 but that is retired. Any suggestions will be much appreciated.
Comments
https://pecb.com/iso-iec-27001-training-courses
https://pecb.com/iso-iec-27001-certifications
There's also APMG International.
http://www.apmg-international.com/en/qualifications/isoiec27001/iso-iec-27001.aspx
Completed: JIT2, TFT2, VLT2, C701, C702, C706, C700, FXT2
In Progress: C688
Remaining: LQT2
Also, as with all standards or frameworks, compliance does NOT equal security. It sounds good for vendors, execs, unknowing people, auditors, but ISO 27k compliance does NOT mean you're hack proof or have an awesome state of security.
My recommendation for people looking for ISO 27k compliance is to not try to become compliant with every provision, but rather to find the parts that will help secure you the most for the least cost (80/20 rule there) and prioritize those. Don't spend 6 months making an infosec policy at the cost of not actually doing day-to-day operational stuff during those 6 months!
They have classroom training + certification at the end and they have it in my city next year
If anyone knows any other training center that offers training please let me know.
I searched amazon for books, there are few but they don't seem to have lot of reviews so I am hesitant what to buy.
636-555-3226 I agree with you, I think that will be the next hard question, what to get certified , which component of the company.
I know that having the certification doesn't mean you are certified, but from a PR perspective you can get some clients as an company you'll look more secure, and bottom line you can use that knowledge to improve the overall security in the company, its not just about peace of paper.
I've recently completed the ISO2001 Lead Auditor training live online at IT Governance - Governance, Risk Management and Compliance for Information Technology and they are awesome. A colleague of mine has just completed the ISO27001 implementer course as well.
hope this helps
Are they prerecorded videos? You think their course are worth it? Is it just a course of there is option to take exam to get certified?
1. The Lead Auditor training is presented through a live online classroom session by Steve Watkins. He was very good at delivering the content in a manner for all levels to understand.
2. I was fortunate enough to have my work pay for the training. I do not perform the audit function at work but I do work very closely with our internal audit team so the training was very useful.
3. Yes you will be writing a certification exam
Just my 2p about 27001, it's more about demonstrating good practice to customers and contractural compliance... I don't know any company who did it to "be secure"
I am preparing to sit for ISO27001 Foundation exam in Jan/Feb 2017. Is there any recommended books to prepare the exam? I saw some training videos at https://training.advisera.com/course/iso-27001-foundations-course/ but not sure it is enough for exam preparation. Thanks.
you can be compliant and not certified. A lot of projects demand you to be 'compliant' which does not necessarily mean certified.
As for ISO certified, there is no need to be certified on all the controls, select the ones applicable to your business. It's not hard
Second post from the top...
https://pecb.com/iso-27001-foundation-exam
Exam Number
Date Of Achievement
Exam Issuer
I dont understand the process, to access to the material and schudel the exam! Can you help me!?
Thanks!!!
Also, there is on Pluralsight a few hour of training video.