ISO/IEC 27001 Information Security Management System

info@sandbp.net 35 Vennio Ln, Hamilton ON L9B 2Y6, Canada

Description

ISO/IEC 27001:2022 international standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
Information being a valuable asset and a building block is the key to the growth of any organization. Information needs to be suitably protected like any other important business asset.
In the modern world this asset becomes crucial for success and maintaining credibility of the organization. If this asset is compromised then the organization may have to face various threats and risks like brand image erosion, business disruption, financial and productivity loss etc. On the other side, information security also maximize return on investments, minimize business risks and increase business opportunities.

Benefits of ISO 27001 Certification

Obtained the necessary expertise to support an organization to implement an Information Security Management System that complies with ISO/IEC 27001.
Provide continual prevention and assessments of threats within your organization.
Higher chances of being distinguished or hired in an Information Security career.
Understood the risk management process, controls, and compliance obligations
Acquired the necessary expertise to manage a team to implement an ISMS
The ability to support organizations in the continual improvement process of their Information Security Management System.

ISO 27001 Foundation (FD):

ISO 27001 Foundation: ISO/IEC 27001 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in ISO/IEC 27001. During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.

After completing this course, participants can sit for the exam. Once participants meet the pass mark, he/she will be given a “SandBP Certified ISO 27001 Foundation” credential. A SandBP Foundation Certificate shows that the participants have understood the fundamental methodologies, requirements, framework and management approach.
ISO 27001 Lead Implementer (LI):

ISO/IEC 27001 Lead Implementer training course enables participants to acquire the knowledge necessary to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an information security management system (ISMS).

This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After mastering all the necessary concepts of Information Security Management Systems, participants can sit for the exam. Once participants meet the pass mark, he/she will be given “SandBP Certified ISO 27001 Lead Implementer” credential. By holding a SandBP Lead Implementer Certificate, the participant can be able to demonstrate that he/she has the practical knowledge and professional capabilities to implement ISO 27001 in an organization.
ISO 27001 Lead Auditor (LA):

ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques.

During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

After acquiring the necessary expertise to perform this audit, participants can sit for the exam. Once participants meet the pass mark, he/she will be given a “SandBP Certified ISO 27001 Lead Audit” credential. By holding a SandBP Lead Auditor Certificate, the participant can be able to demonstrate that he/she has the practical knowledge and professional capabilities to audit ISO 27001 in an organization.

Certification

Candidates who score 70% and above in the examination will be issued an SANDBP certificate.
In case you do not meet the pass mark, you can retake the exam for FREE after the first attempt while subsequent retakes would come at a cost.

Criteria for Suspending and Withdrawing the Scope of Certification

SANDBP reserves the right to suspend or revoke certifications for reasons including fraud, deceit, or submission of inaccurate data.

Process:

Certificate holders will be notified by certified mail if evidence of charges is found.
They may present their defense in writing to the certification board.
The board will review the case and decide to uphold or deny the suspension/revocation.

Causes for Suspension/Withdrawal:

Improper use of certificates/logos
Malpractices
Providing false information
Ineligibility for applied examinations
Voluntary suspension requests

Recertification Process

Recertification ensures that certified individuals maintain their knowledge and skills in line with the latest standards and practices. It is a critical process that reaffirms the competency of certified professionals, allowing them to stay current with evolving industry standards.

Criteria for Recertification:

Transition Exam:
* Individuals must take and pass a transition exam when there is a change in the current version of the certification standard.
* The transition exam focuses on the updates and changes in the new version of the standard, ensuring that certified individuals are knowledgeable about the latest requirements and practices.
Adherence to Code of Ethics:
Certified individuals must adhere to a code of ethics, demonstrating professionalism and integrity in their practice. Any violations of the code of ethics may result in the suspension or revocation of certification
Payment of Recertification Fees:
Payment of the required recertification fees is necessary to process and validate the renewal of certification.

ISO/IEC 27001:2022 - INFORMATION SECURITY MANAGEMENT SYSTEM

Description

Benefits of ISO 27001 Certification

ISO 27001 Foundation (FD):

ISO 27001 Lead Implementer (LI):

ISO 27001 Lead Auditor (LA):

Certification

Criteria for Suspending and Withdrawing the Scope of Certification

Causes for Suspension/Withdrawal:

Recertification Process

FREE

$115(₦100,000)

$115(₦100,000)