• Location(s) Available
  • Date(s) Available
  • Certificate Level
  • Diploma Level

Secured with 2048-bit SSL encryption



Course Duration: 4 days | English

Places Remaining



  • This fully accredited, practitioner-led course equips you with the skills to lead an ISO 27001-compliant information security management system (ISMS) implementation project. Learn from the developers of the original ISO 27001 Lead Implementer course and get to grips with the nine steps to implementing an ISMS.
  • Real-world practitioners show you how to tackle an ISMS project from start to finish. This includes group discussions, practical exercises and case studies throughout the course.
  • Securing senior management commitment and building the business case
  • The role and structure of an information security policy
  • How to determine the scope of your ISMS based on the requirements of ISO 27001
  • Developing a risk management framework
  • How to structure and manage your ISO 27001 project
  • How to allocate roles and responsibilities for your ISO 27001 implementation
  • The definition of risk in ISO 27001 and options for risk assessments under the Standard
  • The benefits of, and key issues when selecting, a Risk Assessment Tool
  • How to carry out an information security risk assessment
  • The Statement of Applicability (SoA), and justifications for inclusions and exclusions
  • Reviewing your existing controls and mapping controls to Annex A of ISO 27001
  • How to prepare for your ISO 27001 Certification Audit
  • Important information to ensure that you pass first time
  • Senior directors (CEO, CIO, CSO CRO, CCO) responsible for strategic and business planning
  • Data Protection Officers (Including GDPR)
  • Senior IT Managers
  • ISO 27001 Information Security Risk Management Programme and Project Managers
  • Senior Regulatory Compliance Officers interested in specialising in Cyber security
  • Senior Operational Risk Managers interested in specialising in Cyber security
  • Senior Internal Auditors
  • IT and other staff interested in building a career Cybersecurity / Cybercrime prevention
  • ISO27001 Certified ISMS Lead Implementer (CIS LI) qualification qualification awarded by IBITGQ (ISO 17024-accredited)(based on passing an exam)
  • This course is also accredited by the Institute of Information Security Professionals (IISP) and satisfies the IISP Skills Framework requirements at Level 1: A1, A2, A3, A4, A5, A6, A7, B1, B2, G1, H1 and H2
  • The CIS LI qualification is acknowledged by the Payment Card Industry Security Standards Council (PCI SSC) as an approved qualification that meets the requirements of an individual applying to become a Payment Card Industry Data Security Standard (PCI DSS) Qualified Security Assessor (QSA).
Day 1
  • What is Information Security Management
  • Discuss recent global Information Security breaches
  • Overview of global regulations
  • Introduction to ISO/IEC 27001and 27002
  • Key terms and definitions
  • Clause 4: Context of organisation
  • Clause 5: Leadership
  • Clause 6: Planning
  • Clause 7: Support
  • Clause 8: Operation
  • Clause 9: Performance evaluation
  • Clause 10: Improvement
  • Reflection and Feedback
Day 2
  • What is an ISMS
  • Implementing an ISMS
  • Requirements and documentation
  • Baseline Gap analysis
  • Organisational Context
  • Engaging Interested Parties
  • Scoping
  • Project Planning
  • Engaging the Leadership
  • Reflection and Feedback
Day 3
  • Planning Process
  • Risks and opportunities
  • Support
  • Operations
  • Monitoring, measurement, analysis & evaluation
  • Internal audit and management review
  • Non-conformity; Corrective action process and Improvement
  • Integration
  • Gap Analysis - Risk Assessment
  • Reflection and Feedback
Day 4
  • Cost Estimation
  • Monitor and Measure
  • Selection of Controls - Statement of Applicability
  • Review
  • Legal Requirements
  • Communication
  • Information on Practical Controls
  • Plan, Do, Check, Review
  • Case studies walkthrough
  • Course review and questions
  • Reflection and Feedback
  • Bring water & refreshments to help you stay focused
  • Bring stationery, a notebook and a calculator
  • Laptop / Tablet with Internet Access for End of Course Online Exam
  • Recommended Reading: ISO27001/ISO27002 A Pocket Guide by Alan Calder. Order Here: (Add link to shop)
Notes and handouts covered in the workshop will be provided. Chat with us or email us on info@africarisk.test if you have any course queries (office hours Mon-Fri 08:30-16:30).