HISP Overview
This is the only integration course that provides practical education on combining best practices for Information Security Management, Information Systems Auditing and multiple regulatory compliance requirements, and on mapping those regulatory requirements to the internationally accepted best-practices framework of ISO/IEC 27002:2005 and the ISO/IEC 27001:2005 standard. The class covers the mapping of ISO/IEC 27002:2005 to CobiT, COSO and ITIL, then explains a methodology for mapping regulations such as the UK Data Protection Act, the EU Directive on Privacy, HIPAA Security, FFIEC, the GLB Act, FISMA (NIST 800-53/FIPS 200), the Sarbanes-Oxley Act (Security), the FACT Act, the PCI Data Security Standard (Visa CISP), California SB-1386, Canadian Bill C-198, OSFI, PIPEDA, PIPA and PHIPA to the ISO/IEC 27002:2005 framework.
Since its launch in March 2005, this unique certification course has been promoted by the local chapters of ISSA (Information Systems Security Association) and ISACA (Information Systems Audit and Control Association), and the class earns 35 CPEs for each attendee.
Students will gain the knowledge to help their organizations or clients implement the processes, procedures and policies of a solid information security governance program that is compliant with the requirements of ISO/IEC 27002:2005 and ISO/IEC 27001:2005 certification as well as with applicable regulations. Students will also be offered the option of taking the HISP certification test on the final day of the class.
Who should attend?
- Staff tasked with the implementation and management of an ISO/IEC 17799:2000 or ISO/IEC 27002:2005 Information security management system (ISMS).
- Staff tasked with the adoption of CobiT as an IT governance framework.
- Staff tasked with ensuring compliance with the EU Directive on Privacy, HIPAA Security, SOX Security, GLBA, California SB-1386, the FACT Act, PCI-DSS, NIST 800-53 and other regulations.
- Staff tasked with achieving regulatory compliance with multiple Information Security requirements.
- Information Security Consultants or Third Party Auditors.
- Auditors (External and Internal).
- Information Security Officers.
- IT Managers/Directors.
- Privacy/Compliance Officers.
What are the business benefits to you and your organization?
- Learn how to adopt international best practices pertaining to Information Security
- Learn how to adopt CobiT as an IT governance framework
- Learn how to effectively map multiple standards through a Compliance Matrix
- Take the knowledge and skills imparted during the course and use them to improve the confidentiality, integrity and availability of information systems
- Gain competitive advantage
- Improve customer and investor confidence
- Show due diligence and due care
- Receive 35 CPE credits that apply to the CPE requirements of ISACA’s CISA and CISM certifications as well as (ISC)2’s CISSP certification
- Be among the first certified Holistic Information Security Practitioners in the IT industry
Course Materials
A comprehensive set of materials is provided during the 5-day course.
Sample Student Guides
- ISO/IEC 27002:2005 Compliance Student Guide
- Information Systems Auditing Student Guide
Sample Mappings
- ISO/IEC 27001:2005 to HIPAA, GLBA, SOX, CA SB-1386, NIST 800-53, FACTA, PCI/CISP, PIPEDA and PIPA (Detailed)
- ISO/IEC 17799:2000, ISO/IEC 27002:2005 and CobiT Security Baseline to PCI-DSS (Visa CISP)
- CobiT to ITIL, COSO, and ISO/IEC 27002:2005
- Materials on the domains of ISO/IEC 27002
- Materials on the domains of CobiT
- Case studies on ISO/IEC 27002, CobiT, and regulatory compliance
- The HISP certification exam
ISO/IEC 27002 Student Handout Samples
- Security Policy - Information Technology Security Handbook
- Security Policy - Third Party Policy and Connection Agreement
- Asset management