Analytix introduces ISO 27001 information security training course

Issued by Analytix
Johannesburg, 05 Jun 2006

Analytix has reworked its ISO 17799 Information Security Management training to include the new ISO 27001 standard.

This is according to Johan Botha, Managing Director of Analytix.

"Incorporating the new ISO 27001 Information Security Standard into the course provides a practical angle to the information security training and describes how to perform each step towards developing an ISMS (Information Security Management System) and ISO 17799 compliance," says Botha.

"The growing strategic importance of IT, coupled with the vulnerability of IT networks, has highlighted the need for organisations to protect one of their most valuable assets - information," he continues.

Released in December 2005, the International Standard ISO 27001 (British Standard BS 7799-2:2002, Part 2 of the ISO 17799 Security Standard), provides an international framework and improves the security of information systems.

The ISO 27001 component of the training course offered by Analytix has been prepared for business managers and their staff as a model for setting up and managing an effective ISMS.

"The objective of the training is to provide attendees with the necessary skills to develop an information security framework for their organisation based on the ISO 27001 specifications," Botha explains.

Attendees will learn how to assess and protect their business against threat and vulnerability, as well as how to evaluate their organisation`s information assets and implement a cost-effective security strategy that is compliant with ISO 17799. Attendees will also learn how to benchmark the security practice within their company against this standard.

According to Botha: "This course also covers preparation for formal certification and offers clear explanations and practical solutions. We place importance on explaining not only how to comply with the standard, but also how to demonstrate compliance to external auditors."

"Most importantly, the course looks at the real benefits to the business when it implements ISO 27001. These benefits include making it easier for companies to incorporate information security into their overall management system. For companies that are already ISO 9001 compliant on quality management, adoption of this standard should be straightforward."

Botha concludes: "Finally, the implementation of ISO/IEC 27001:2005 reassures customers and suppliers that information security is taken seriously within the organisation. ISO/IEC 27001:2005 accreditation means that state-of-the-art processes are in place to deal with information security threats and issues."

Analytix

Analytix is a training and consulting firm that support organisations to internalise and operationalise best practice frameworks and standards, leading to sustained business improvement. The Analytix solutions portfolio represents a comprehensive collection of professional services, education and other resources in areas such as corporate and IT governance, information security, business continuity management, IT service management and performance management.

Our services are underpinned by a range of de facto industry standards and frameworks, including COBIT, ISO17799, ISO27001, PAS56 (BS25999), ISO20000, ITIL and the Balanced Scorecard. Since our inception in 2001, we have assisted over 150 organisations with practical training and advice on the implementation of these leading industry frameworks and standards. Our customers tell us that what separates Analytix from others is our pragmatic approach, based on years of successful operational experience.

ISO/IEC 17799: 2005

Code of practice for Information Security Management

ISO 17799

The international standard for information security management, which has been newly enhanced and updated in June 2005, provides a framework for businesses to review, and improve, the overall effectiveness of their information security.

ISO 27001 (BS7799-2:2002)

A Specification for Information Security Management

International Standard ISO 27001 (British Standard BS 7799-2:2002, the Part 2 of the ISO 17799 Security Standard).

This has been prepared for business managers and their staff to provide a model for setting up and managing an effective Information Security Management System (ISMS).

Editorial contacts