ISO 27001 2013 Training – A New Approach

Meeting Current Needs for ISO27001:2005

In September 2013, ISO27001:2005 was replaced by the updated ISO 27001:2013 standard. With significant structural changes including flexible risk assessment and continuous improvement options, the introduction of the new standard requires a new approach to the training of staff involved in ISO27001 implementation and audit projects.

While ISO27001:2005 has been replaced by the new version, there is currently no ISO 27001:2013 accredited certification scheme available in the world. In the UK, we estimate that the earliest any UKAS accredited Certification Body will have such a scheme available would be March-April 2014. The details and cost of the new ISO27001:2013 certification scheme are as yet unknown.

The existing ISO27001:2005 certification schemes are still currently the only available way of obtaining the ISO27001 standard. We are advising all organisations who wish to become certificated in the next 6-12 months to focus on satisfying the requirements of the ISO27001:2005 standard and to train their staff appropriately.

We are also advising organisations that they must understand the requirements of ISO27001:2013. Upon received their accreditation to ISO27001:2005, they will in the future be expected to meet the requirements of ISO 27001:2013 during regular CAV visits (every 6/12 months) and when they are re-audited after 3 years.

Our ISO27001 Training Programme – Updated with 2013 Knowledge

IT Governance is responsible for the world’s first programme of accredited ISO27001 training which includes the following courses:

• ISO27001 Certified ISMS Foundation
• ISO27001 Certified ISMS Lead Implementer
• ISO27005 Certified ISMS Risk Management
• ISO27001 Certified ISMS Internal Auditor
• ISO27001 Certified ISMS Lead Auditor

While based on the implementation or audit of the requirements as specified by the ISO27001:2005, all of our training courses have been upgraded to include a unique ‘ISO27001:2013 knowledge update’.

All courses except the Internal Auditor training course award qualifications which are accredited by the International Board for IT Governance Qualifications (IBITGQ).

Preparing for the Future with ISO27001:2013

For organisations that are already compliant with ISO27001 and individuals who will advise on the implementation and auditing in the future, it is of course essential to have a detailed knowledge of the new requirements as defined in the ISO27001:2013 standard. For a more detailed understanding and update of the ISO27001:2013 implementation and audit processes, we recommend attendance on our new ISO27001 2013 Certified ISMS Transition training course. This 1 day session has also been designed for existing holders of Certified ISMS Lead Implementer (CIS LI) and/or Certified ISMS Lead Auditor (CIS LA) qualifications who will be awarded upgraded 2013 IBITGQ certificates.

Combining Current and Future ISO27001 Training

For organisations and individuals who wish to ensure they are trained to meet the current requirements of ISO27001:2005 and the future requirements of ISO27001:2013, we recommend the following learning paths and training course combinations:

ISO27001 Implementation Training

• ISO27001 Certified ISMS Lead Implementer
• ISO27001 2013 Certified ISMS Transition

And recommend the following:

• ISO27005 Certified ISMS Risk Management
• ISO27001 Certified ISMS Internal Auditor

ISO27001 Lead Audit Training

• ISO27001 Certified ISMS Lead Auditor
• ISO27001 2013 Certified ISMS Transition

If you would like further advice on the options for current and future ISO27001 training, please take the opportunity to email or call us directly on 0845 070 1750.