ISO 27001/27002 Education:
Jump Start Your Information Security Management System

Overview

Jump Start Your Information Security Management System will provide you the tools, concepts and techniques you'll need to jump start an industry-standard approach to your security program.

This class will help you:

1. Establish a trusted and sturdy security foundation

2. Identify and implement the key concepts in ISO 27001

3. Firmly establish and improve your security program

4. Implement key controls found in the ISO 27002 Code-of-Practice

5. Identify mechanisms to monitor and measure your security progress

ISO 27001/27002 Overview

The International Standards Organization (ISO) has developed two specifications on the governance of information security, ISO 27001 and ISO 27002. Both have originated and evolved from British Standards, BS7799 parts 1 and 2, which have been used to certify over 2,500 organizations around the world.

ISO 27002 is an international code of practice, or implementation framework, for information security best practices. ISO 27001 serves as the auditing and certification standard for an organization’s ISMS with 133 information security controls covering eleven separate domains.

Further, ISO 27001 also specifies the Plan-Do-Check-Act (PDCA) model for continual quality improvement, which is the same PDCA model used in ISO 9001 Total Quality Management (TQM) initiatives. According to the Institute of Internal Auditors (IIA), the PDCA cycle helps “the organization to know how far and how well it has progressed” and “influences the time and cost estimates to achieve compliance.” BSI Management Systems, the world’s largest ISO certification body and the author of BS7799 standards, defined the ISMS as “a systematic approach to managing sensitive company information so that it remains secure. ISMS encompasses people, processes, and IT systems.”

CPE Credits

Seven CPE credits will be awarded for completing this class.

Prerequisites
Attendees should be fairly knowledgeable about the security practices of their organization to properly benefit from this workshop.

Class Requirements
Attendees are encouraged, although not required, to bring a laptop with Microsoft Office so they can follow along with the presentation materials and mapping documents that are provided on a CD.

About The Instructor
Gary Sheehan, CISSP, HISP, is a managing consultant with Wolcott Group. Gary’s practice at Wolcott is focused on information security and risk management and using the best practice frameworks and standards to help clients achieve effective holistic security and good IT governance. He is a subject matter expert in the area of information security governance with 20 years of experience in security policy, awareness, process implementation, vulnerability management and security project management.

Throughout his career, Gary has worked for a number of large companies in the banking, insurance, diversified industrial, manufacturing, and chemical industries. He has successfully executed large, global security projects and implemented enterprise-wide security policies at a number of companies. Gary is currently the President of the Northern Ohio Members Alliance of InfraGard and founder of the Information Security Summit.

As a recognized security expert, Gary has presented topics at Computer Security Institute's annual conference, InfoSec World, OKIT and at many regional conferences and seminars. In 2003 Gary received the Northern Ohio Chapter of InfraGard’s Linda Franklin award for his dedication and outstanding service to the chapter. Under his direction, the Information Security Summit has raised and distributed over $90,000 to area organizations such as ISACA, InfraGard, ISSA, BEPA, Cuyahoga County Police Chiefs Association, Cleveland HoneyNet Project, NEO InfoSec Forum and ASIS.

Gary has a Bachelors degree in Business Administration from Baldwin-Wallace College and is a 2006 graduate from the FBI Citizens Academy.

About Wolcott Group
Wolcott Group is one of the top U.S. firms for standards-based, information security training, consulting, and technology solutions. Wolcott Group is a member of the IT Governance Institute, an authorized training center for the Holistic Information Security Practitioner (HISP) certification, and an authorized BSi Management Systems’ Associate Consultant for training and consulting on ISO 27001/27002. Wolcott Group is an IBM Premier Business Partner, a Microsoft Gold Certified Partner, and also partners with other information security technology vendors to help its clients to improve their information security practices.

Contact Information  

Wolcott Group - Corporate Headquaters

3700 Embassy Parkway

Fairlawn, Ohio 44333

Phone: 1-866-WOLCOTT (1-866-965-2688) or 1-330-666-5900

Fax: 1-330-666-5600

Email: training@wolcottgroup.com

2008 Schedule

October 29, 2008 (at the 2008 Information Security Summit)  

The Investment
The investment for this one-day workshop, which includes documentation on how IT frameworks map to security, and provides 7.0 hours of CPE credits, is normally $495 per attendee. But when you sign up for this class in conjunction with the 2008 Information Security Summit, the cost is only $395 per attendee.

Also of note, quantity discounts are available for the training of groups at Wolcott Group's offices or for private training of groups at your offices.  Contact us at training@wolcottgroup.com for more information.

Register online today for the October 29, 2008 class at the 2008 Information Security Summit!