ISO 27001 Lead Implementer

Dette intensive fem dagers kurset innen informasjonssikkerhet/ Information Security, gir deg den nødvendige kunnskapen og ekspertisen for å planlegge og implementere et effektivt styringssystem (ISMS) for din virksomhet i henhold til ISO 27001.

MÅL MED KURSET:

Målsetningen med kurset er å gjøre deg i stand til å mestre det du trenger for å implementere sikkerhetskontroller fra de 11 områdene i ISO 27002. Etter kurset skal du kunne:

  • Mestre konseptene, standardene og metoder for å administrere et ISMS på en effektiv måte
  • Kjenne forholdet mellom styringssystem, risikovurdering og compliance i henhold til virksomhetens egne krav
  • Støtte virksomheten i å få implementert og videreutviklet sitt styringssystem
  • Velge ut ressurser i egen virksomhet som utgjør teamet som er ansvarlig for at systemet fungerer til daglig
  • Vise til bedre kunnskaper for analyse og beslutningstagning innenfor informasjonssikkerhet

Kursinnhold

Kurset gir deg den nødvendige kunnskapen og ekspertisen for å planlegge og implementere et effektivt styringssystem (ISMS) for din virksomhet i henhold til ISO 27001. Kurset er basert på teoretiske presentasjoner etterfulgt av praktiske oppgaver. Kurset går over 5 dager med avsluttende eksamen siste dag. Eksamen varer 3 timer.

Hovedemner

  • Planlegging og risikohåndtering
  • Implementering
  • Overvåking
  • Revurdering
  • Drift og vedlikehold
  • Forbedring
  • Revisjon

I tillegg til hovedemnene får du full introduksjon til compliance og prosessen for sertifisering.

Målgruppe for kurset

  • Prosjektledere eller konsulenter som skal støtte en virksomhet i implementering av et ISMS
  • ISO 27001 revisor som ønsker å også mestre implementeringsprosessen
  • Deg som er ansvarlig for informasjonssikkerhet i din virksomhet
  • Deltagere i prosjekt for implementering av styringssystem
  • Rådgivere innen informasjonssikkerhet

Forkunnskaper

Deltagere bør ha kjennskap til sentrale deler av ISO 27001 og ISO 27002. Du bør også ha forståelse for forretningsprosesser, og ha grunnleggende IKT-forståelse. Du trenger ikke omfattende tekniske kunnskaper.

Språk

Kurset holdes på engelsk.

Kursmateriell

Verktøysett for implementering samt kursdokumentasjon på over 450 sider med praktiske eksempler deles ut til alle deltagere. Kurset gir i tillegg 31 CPE poeng. Kurs, kursdokumentasjon og eksamen er på engelsk.

Eksamen/ sertifisering

ISO 27001 Lead Implementer eksamen er sertifisert av PECB og dekker følgende kunnskapsområder:

  • Domain 1: Fundamental principles and concepts in information security
  • Domain 2: Information Security Management System (ISMS)
  • Domain 3: Information Security Control Best Practice based on ISO 27002
  • Domain 4: Planning and implementing an ISMS based on ISO 27001
  • Domain 5: Continuous improvement of an ISMS based on ISO 27001

 

 

Informasjon

Personlig informasjon

Adresseinformasjon

Ytterlig informasjon

Betingelser og vilkår

This notice explains how Combitech, collects, uses, discloses, transfers and stores and personal data relating to you, such as your name, address, etc. (“Personal data”)

Why do we collect your Personal Data

The purpose of Combitech´s processing of your Personal Data in relation to the course is (i) to be able to handle the administration around the course, (ii) to facilitate current and/or future engagements between Combitech and you or your employer (iii) and to update you about other upcoming courses.

What Personal Data do we collect from you and what do we do with it? 

The Personal Data collected by Combitech includes name, address, email address, telephone/mobile phone number, and food preferences. This Personal Data will be registered in Combitech’s Event Management System.  We also collect social security number (or for if you don’t have a Swedish social security number - citizenship and passport number) for access to the location where the event is held.

What is Combitech’s legal basis for the processing of your Personal Data?

Combitech’s processing of your Personal Data in our Event Management Systems is based on legal contract between you and Combitech. When registering, you are entering into a legal binding contract with Combitech. 

Combitech’s processing of your Personal Data in our Event Management Systems is also based on the legitimate interests pursued by Combitech. 

This means that Combitech is of the view that its interest in processing your Personal Data for the purposes listed above prevails the privacy violation that you are exposed to as a result of the processing. This conclusion from our balance of interest test is made especially due to the fact that (i) it is crucial for Combitech to process contact information to a representative of Combitech’s customers to facilitate our customer engagements; (ii) that the processing of your Personal Data is limited to the extent possible; and (iii) that you at any time may choose to opt-out from receiving communication from Combitech.

Legal basis for collecting social security number is for Combitech to fulfil a legal obligation when giving you access to the location for this event.

Who might we share your Personal Data with? 

Your Personal Data will be used by Combitech. Combitech will also share your Personal Data with suppliers and partners that carry out services on Combitech’s behalf such as different course responsibles.

How long do we keep your Personal Data? 

Combitech will store your Personal Data for a period of two years after your and/or your employer’s most recent interaction with Combitech. Combitech may, instead of destroying or erasing your Personal Data, make it anonymous such that it cannot be associated with or tracked back to you in any way. Personal data collected to fulfil a legal obligation will be stored for the envisaged time. 

What are your rights? 

If your Personal Data are incorrect or needs to be updated you may at any time request that we correct or update the Personal Data by contacting the controller (please find contact details below). You may also contact us if you no longer would like us to process your Personal Data, if you would prefer us to restrict our processing in any manner or if you no longer wish to receive information about Combitech’s products (We still need to process your personal data if you want to go one of our courses. If you don´t want us to process your personal data in relation to the course, you need to unregister from the course). We will then delete your Personal Data from our systems or restrict our processing of your Personal Data. [Please note however, that an erasure of your Personal Data or a restriction of our processing of your Personal Data may mean that we will not be able to provide our services to you, wholly or partially]. In addition, you may receive a copy of the Personal Data relating to you and information regarding our processing of such personal data by applying to the controller in writing. In such case, we will provide your Personal Data to you in a commonly used data format. 

If you have any queries regarding the processing of your Personal Data or wish to exercise any of the rights stated above, please write to the controller at the address provided below.  You have the right to lodge a complaint regarding how Combitech processes your Personal Data to the relevant data protection authority or similar body within your jurisdiction. 

How can you contact the controller and exercise your rights?

The controller for any Personal Data we hold about you is Combitech AB, corporate identity 556218-6790, Universitetsvägen 14, P.O Box 15042, SE-580 15 Linköping, Sweden. You can contact the controller at the following contact information: info@combitech.se Combitech is a company in the Saab Group.

Informasjon

Personlig informasjon

Adresseinformasjon

Ytterlig informasjon

Betingelser og vilkår

This notice explains how Combitech, collects, uses, discloses, transfers and stores and personal data relating to you, such as your name, address, etc. (“Personal data”)

Why do we collect your Personal Data

The purpose of Combitech´s processing of your Personal Data in relation to the course is (i) to be able to handle the administration around the course, (ii) to facilitate current and/or future engagements between Combitech and you or your employer (iii) and to update you about other upcoming courses.

What Personal Data do we collect from you and what do we do with it? 

The Personal Data collected by Combitech includes name, address, email address, telephone/mobile phone number, and food preferences. This Personal Data will be registered in Combitech’s Event Management System.  We also collect social security number (or for if you don’t have a Swedish social security number - citizenship and passport number) for access to the location where the event is held.

What is Combitech’s legal basis for the processing of your Personal Data?

Combitech’s processing of your Personal Data in our Event Management Systems is based on legal contract between you and Combitech. When registering, you are entering into a legal binding contract with Combitech. 

Combitech’s processing of your Personal Data in our Event Management Systems is also based on the legitimate interests pursued by Combitech. 

This means that Combitech is of the view that its interest in processing your Personal Data for the purposes listed above prevails the privacy violation that you are exposed to as a result of the processing. This conclusion from our balance of interest test is made especially due to the fact that (i) it is crucial for Combitech to process contact information to a representative of Combitech’s customers to facilitate our customer engagements; (ii) that the processing of your Personal Data is limited to the extent possible; and (iii) that you at any time may choose to opt-out from receiving communication from Combitech.

Legal basis for collecting social security number is for Combitech to fulfil a legal obligation when giving you access to the location for this event.

Who might we share your Personal Data with? 

Your Personal Data will be used by Combitech. Combitech will also share your Personal Data with suppliers and partners that carry out services on Combitech’s behalf such as different course responsibles.

How long do we keep your Personal Data? 

Combitech will store your Personal Data for a period of two years after your and/or your employer’s most recent interaction with Combitech. Combitech may, instead of destroying or erasing your Personal Data, make it anonymous such that it cannot be associated with or tracked back to you in any way. Personal data collected to fulfil a legal obligation will be stored for the envisaged time. 

What are your rights? 

If your Personal Data are incorrect or needs to be updated you may at any time request that we correct or update the Personal Data by contacting the controller (please find contact details below). You may also contact us if you no longer would like us to process your Personal Data, if you would prefer us to restrict our processing in any manner or if you no longer wish to receive information about Combitech’s products (We still need to process your personal data if you want to go one of our courses. If you don´t want us to process your personal data in relation to the course, you need to unregister from the course). We will then delete your Personal Data from our systems or restrict our processing of your Personal Data. [Please note however, that an erasure of your Personal Data or a restriction of our processing of your Personal Data may mean that we will not be able to provide our services to you, wholly or partially]. In addition, you may receive a copy of the Personal Data relating to you and information regarding our processing of such personal data by applying to the controller in writing. In such case, we will provide your Personal Data to you in a commonly used data format. 

If you have any queries regarding the processing of your Personal Data or wish to exercise any of the rights stated above, please write to the controller at the address provided below.  You have the right to lodge a complaint regarding how Combitech processes your Personal Data to the relevant data protection authority or similar body within your jurisdiction. 

How can you contact the controller and exercise your rights?

The controller for any Personal Data we hold about you is Combitech AB, corporate identity 556218-6790, Universitetsvägen 14, P.O Box 15042, SE-580 15 Linköping, Sweden. You can contact the controller at the following contact information: info@combitech.se Combitech is a company in the Saab Group.