Objective: To enable management to understand the implementation of an Information Security Management System in accordance with the BS 7799 Standard.

Description: A well-managed security infrastructure is a business enabler and is achieved through analysing existing risks and implementing well-directed controls. This can be achieved by defining an Information Security Management System (ISMS) that reflects an organisation's approach to risk management and the level of assurance required. The scope of ISMS depends on an organisation's size, the IT infrastructure used and the support functions involved.

This course prepares the participants to define the scope and design an organisational ISMS based on BS 7799 standards.