BSI Management Systems and Analytix have announced their collaboration in offering BSI's IRCA-certified* ISO/IEC 27001:2005 lead auditor training course in South Africa.
According to Theuns Kotze, BSI Management Systems' Managing Director of Middle East and Africa, "The decision to work with a South African organisation was made in order to make the BSI training more accessible to South African companies.
"Analytix has established itself over the last five years as a provider of high-quality management training to over 260 South African organisations. This initiative to jointly market BSI's training provides BSI access to Analytix's training and marketing infrastructure, as well as the benefit of rand-based pricing."
The International Standard, ISO/IEC 27001:2005 (British Standard BS 7799-2:2005, complements the ISO/IEC 17799:2005 Security Standard), has been prepared for business managers and their staff to provide a model for setting up and managing an effective information security management system (ISMS). Qualified ISO 27001 lead auditors are in demand due to increased privacy and regulatory pressures placed on organisations around the world.
"This five-day intensive course prepares delegates for the qualification process for ISO 27001:2005 and trains them on how to conduct audits for certification bodies. It also empowers them to give practical help and information to their organisations who are working towards compliance and certification," says Craig Rosewarne, Analytix Executive Director.
The ISO 27001:2005 lead auditor training is aimed at those wishing to implement a formal ISMS in accordance with ISO 27001:2005 requirements. Existing security auditors who wish to expand their auditing skills, as well as consultants who wish to provide advice on ISO 27001:2005 systems certification will benefit from this course.
The course structure comprises a combination of tutorials, syndicated exercises and role-play in the following areas:
* Information security
* The importance of information security
* ISO 27001:2005
* Reviewing security threats and vulnerabilities
* Management of security risks
* Selecting security controls
* How to build an ISMS
* ISO 27001:2005 auditing techniques
* Managing and leading an ISO 27001:2005 audit team
* Interview techniques
* Audit reporting
* Examination to prove competency
The ISO 27001 lead auditor course (five days) will run from 30 July to 3 August, and 17 September to 21 September 2007.
All courses are run at Analytix's comfortable facilities in Illovo, Johannesburg.
Contact Charlene O'Reilly (charlene.oreilly@analytix.co.za) for more information or to register for this course. Seats are limited and booking is essential!
Delegates can also book online at http://www.analytix.co.za/.
*IRCA CERTIFIED COURSE (A17287)
Analytix is a South African provider of specialist training and consultancy services within the governance, risk management and compliance arena. Analytix assists organisations with finding solutions to management challenges such as corporate and IT governance, information security, risk management, business continuity management, IT service management and performance management.
Our services are underpinned by internationally accepted IT Management practices, based on a range of de facto industry frameworks and standards, including COSO, COBIT, ISO 17799, ISO 27001, BS 25999, ISO 20000, ITIL and the Balanced Scorecard.
Since 2001, Analytix has been involved with education and assistance to over 260 leading African organisations with the practical implementation of IT governance and related approaches and techniques such as COBIT and ISO 17799. (www.analytix.co.za)
BSI Management Systems
BSI Management Systems is one of the world's largest certification bodies, with over 60 000 certified locations and clients in more than 100 countries. Operating through a global network, BSI Management Systems provides assessment, certification and training services in all critical areas of management disciplines including:
* Business continuity
* Environment
* Food safety
* Health and safety
* Information security
* Integrated management
* Quality
* Social accountability
* Sustainable development
* IT service management.
BSI Management Systems is part of BSI Group, a global independent business services organisation that inspires confidence and delivers assurance to customers with standards-based solutions. Originating as the world's first national standards body, the group has over 2 250 staff in more than 50 global offices. The group's key offerings are:
* Development and sale of private, national and international standards and supporting information
* Second and third-party management systems assessment and certification
* Product testing and certification of services and products
* Performance management software solutions
* Training services in support of standards implementation and business best practice.
For further information, please visit: www.bsi-global.com.
ISO 27001
ISO/IEC 27001 is a standard setting out the requirements for an information security management system (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties, including an organisation's customers. It is suitable for several different types of organisational use, including the following:
* Formulation of security requirements and objectives;
* To ensure that security risks are cost-effectively managed;
* To ensure compliance with laws and regulations;
* As a process framework for the implementation and management of controls to ensure that the specific security objectives of an organisation are met;
* Identification and clarification of existing information security management processes;
* To be used by management to determine the status of information security management activities;
* To be used by internal and external auditors to determine the degree of compliance with the policies, directives and standards adopted by an organisation;
* To provide relevant information about information security policies, directives, standards and procedures to trading partners;
* To provide relevant information about information security to customers.
For further information, please visit: www.bsi-global.com/informationsecurity.
Editorial contacts

