Johannesburg, 05 Jun 2006
Analytix has reworked its ISO 17799 Information Security Management training to include the new ISO 27001 standard.
This is according to Johan Botha, Managing Director of Analytix.
"Incorporating the new ISO 27001 Information Security Standard into the course provides a practical angle to the information security training and describes how to perform each step towards developing an ISMS (Information Security Management System) and ISO 17799 compliance," says Botha.
"The growing strategic importance of IT, coupled with the vulnerability of IT networks, has highlighted the need for organisations to protect one of their most valuable assets - information," he continues.
Released in December 2005, the International Standard ISO 27001 (British Standard BS 7799-2:2002, Part 2 of the ISO 17799 Security Standard), provides an international framework and improves the security of information systems.
The ISO 27001 component of the training course offered by Analytix has been prepared for business managers and their staff as a model for setting up and managing an effective ISMS.
"The objective of the training is to provide attendees with the necessary skills to develop an information security framework for their organisation based on the ISO 27001 specifications," Botha explains.
Attendees will learn how to assess and protect their business against threat and vulnerability, as well as how to evaluate their organisation`s information assets and implement a cost-effective security strategy that is compliant with ISO 17799. Attendees will also learn how to benchmark the security practice within their company against this standard.
According to Botha: "This course also covers preparation for formal certification and offers clear explanations and practical solutions. We place importance on explaining not only how to comply with the standard, but also how to demonstrate compliance to external auditors."
"Most importantly, the course looks at the real benefits to the business when it implements ISO 27001. These benefits include making it easier for companies to incorporate information security into their overall management system. For companies that are already ISO 9001 compliant on quality management, adoption of this standard should be straightforward."
Botha concludes: "Finally, the implementation of ISO/IEC 27001:2005 reassures customers and suppliers that information security is taken seriously within the organisation. ISO/IEC 27001:2005 accreditation means that state-of-the-art processes are in place to deal with information security threats and issues."
Share