ISO 27001:2013 Fundamentals Training Course

Course Overview Who is this course for?

The focus of the ISO 27001 Fundamentals Training Course is to comprehensively introduce Learners to Information Security Management Systems and provide them with a highly insightful introduction to the purpose, intent and requirements of ISO 27001 plus the business case for adopting ISO 27001.



Key Learning Outcome Why this course is unique?

Our training demonstrates to the Learner the benefits of adopting the unique Kelmac Group® One System Model for enhancing organizational compliance, effectiveness and efficiency based on utilizing Business Process Management to enhance ISO.



Course Basics What is essential to know?

  • This is a 1-day (8hr) learning event.
  • Start/Finish Times: 08:00 – 17:30
  • Ideal for those looking to get started and understand the requirements of Information Security Management Systems & ISO/IEC 27001:2013. 


Upcoming Dates and Locations Where can I register?

We are sorry, but there are currently no public training dates available for this course. If you would like to send us your details, we will contact you when a course becomes available near you. If you have any questions about this course, call (312) 496 6607.

Course Learning Topics What does the course cover?
  • Course Introduction

    • The Business Case for ISO/IEC 27001:2013 and the Relationship with Confidentiality, Integrity and Availability of the Organization’s Assets*
    • Overview of ISO 27000 Family of Standards
    • Purpose and Impact of Annex SL
    • New and Revised Terminology
    • External and Internal Issues, Interested Party Requirements, Risks and Opportunities
    • Top Management & Business Processes*

  • ISO/IEC 27001 – Context of the Organization

    • The New Requirements for Context of the Organization
    • The Organization’s External and Internal Issues, Interested Parties, their Needs, Significance, Monitoring and Measurement
    • The PDCA Cycle and the Process-based Information Security Management System Model for ISO/IEC 27001:2013
    • The Organization Business Model, Alignment with the Information Security Management System Process Model and Benefits*
    • Audit Evidence & Sources*

  • ISO/IEC 27001 – Leadership

    • The New and Enhanced Requirements for Leadership
    • The ISACA, Information Security Forum (ISF) and (ISC)² Twelve Principles of Information Security*
    • Audit Evidence and Sources*

  • ISO/IEC 27001 – Planning of the ISMS

    • The Requirements for Planning of the Information Security Management System
    • Process Terminology, Processes & Process Controls, Risks and Opportunities*
    • Objectives and Plans to Achieve Them
    • Management of Change
    • Audit Evidence and Sources*

  • ISO/IEC 27001 – Support

    • The Requirements for Support
    • Awareness and Communications
    • Annex SL Requirements for Documented Information and How It Differs from Previous Management System Requirements

  • ISO/IEC 27001 – Operation

    • The Requirements for Operation
    • The New and Enhanced Requirements for Operational Planning and Control, specifically Outsourcing
    • Audit Evidence and Sources*

  • ISO/IEC 27001 – Performance Evaluation*

    • The Requirements for Performance Evaluation*
    • The Requirements for Monitoring, Measurement, Analysis and Evaluation*
    • Internal Auditing and Management Review*

  • ISO/IEC 27001 – Improvement*

    • The Requirements for Improvement*
    • The Requirements for Managing Non-Conformity and Corrective Action, and Continual Improvement*
    • Certification and Accreditation*

*Kelmac Group covers this topic in more depth than our competitors.
**Kelmac Group proven added value, as this material is not covered by the IRCA specification or our competitors.

Course Certification Kelmac Group certified

This course has been designed by leading experts to provide high quality training to professionals seeking to understand Information Security Management Systems based on ISO/IEC 27001:2013.

Additional Course Information

Who Should Attend?
  • Senior managers
  • IT Security officers
  • IT Managers
  • Management systems managers
  • Auditors involved in introducing ISO/IEC 27002 or ISO/IEC 27001 into an organization
  • Chief security officers
  • Information security consultants

Course Assessment

Each Learner is assessed based on participation and performance throughout the duration of the course. This includes all exercises, role plays, case studies and all other activities during the course. Please note, full attendance is required during the training course.

Our Course vs. Our Competitors Why is our course the best?

Working with a Case Study: Almost Fully Documented ISMS Why is this important?

Each Learner will audit the almost fully documented ISMS from the unique Kelmac Group® assurance perspective. This perspective is unique because we audit as many professional financial audit practices do, focusing on giving top management the quality of insight needed to make decisions and take actions aimed at improving the performance of the organization.

We boast the most comprehensive documented ISMS Case Study available, including an ISO 27001:2013 Policy Manual; Statement of Applicability; Asset/Risk Register and Risk Treatment Plan; 13 SIPOC processes [Value chain, Support and Management]; 19 procedures; the organization’s register of statutory, regulatory and other legal obligations; the organization’s risk register; and related documented Information Security templates and records.

One System Model Why is this important?

The One System Model is based on utilizing Business Process Management to enhance ISO-based Management Systems.

Unlike our competitors' courses, ours outlines a methodology for developing and implementing an Information Security Management System based upon the requirements of ISO/IEC 27001:2013, where the ISMS is integrated with the organization’s business model.

Others train followers, we train leaders™

More Topics Covered In More Depth Why is this important?

In this course, we cover 14 topics in more depth than any of our competitors!

If you look at other courses, they are largely focused on knowledge-based learning, which does not cover all requirements of ISO 27001.

Ready to stand out from the crowd?