Course CIP: Certified ISO 27001 Professional

This course is already delivered, please contact us for the next available session tel:+357 22 44 14 92
Course Outline in PDF


The ISO27001 is the most acknowledged and globally recognized standard for implementing an Information Security Management System (ISMS) within any organization.  The value of information assets and the importance of thoroughly securing them against today’s ever increasing threats, highlight the significance of developing and implementing effective and holistic security management systems. The course highlights the importance of information security and provides the necessary tools and methodologies for students to master the concepts of ISMS implementation, in line with ISO27001.

Who Should Attend:

The training course is intended for IT and security professionals without extensive background and experience in Information Security that wish to gain a thorough understating of ISO27001 implementation, cyber threats and countermeasures as well as to further enhance their careers through training and certification in security management.  It is ideal for those endeavouring to work in positions such as Information Security Officer, Security Manager, IT Manager, IT Administrator, Security Auditor, Security Analyst, Systems Engineer, etc.


Module 1    Introduction to Cybersecurity and ISO27001:2013

•What is information security - fundamental principles
•Cybercrime and threat evolution
•Introduction to security governance and frameworks
•Introduction to ISO 27001

Module 2    The ISO27K Family-Definitions and Security Concepts

•The 27k family of standards
•Confidentiality, Integrity and Availability
•Information security concepts and definitions
•ISMS fundamental principles
•Governance and policies
•Incident management

Module 3    ISO27001 Mandatory Requirements – Context, Scope and Leadership

•ISMS project management
•Understanding the context and scope definition
•Management commitment and leadership
•ISMS policy and objectives
•Roles and responsibilities

Module 4     Security Planning and Risk Management

•Security threats & challenges
•Introduction to risk management and definitions
•Risk Assessment
•Risk Treatment
•The Statement of Applicability

Module 5     ISO27001 Mandatory Requirements - Support, Operation, Monitoring and Improvement

•ISO27001  support requirements
•ISMS operation
•Performance evaluation
•ISMS internal audit
•Management review
•ISMS continual improvement
•Continuous monitoring and technical security audits

Module 6     ISO27001 Annex-A Controls

•Introduction to ISO27001 Annex-A
•Security controls and control-types.
•Analysis of the Annex-A domains and controls

Module 7    ISO27001 Certification and Beyond

•The ISO organizations and standards
•The ISO27001 certification process
•Beyond best practices
•Data protection, privacy and related legal terms

Module 8     ISMS Training and Awareness

•Introduction to social engineering
•Phishing, spear phishing, spoofing, pharming
•Social engineering in social media
•CESG password guidance
•Cybersecurity realities
•Social engineering assessments

Module 9     Cybersecurity

•The Cybersecurity program
•ISO27032 – Incident management
•Common cybersecurity vulnerabilities
•DOS attacks
•Security Systems and devices
•Malware and Advanced Persistent Threats
•Mobile security
•Conclusions and critical success factors

Examination & Certification:

The ICSI|CIP certification exams cover material from all 9 modules and mainly consist of essay type questions, based in one or more case studies to be provided during the test.
The exam duration is three hours.

Pass = 50-59% Merit = 60-79% Distinction = 80-100%.

100% Final Assesement
sd sd sd sd sd sd sd sd sd sd sd sd