Information Security

Information Security Manager acc. to ISO 27001

| 4 days Events

Overview

As an Information Security Manager, you will take the central position within the company where management and technological competence are equally required. You will autonomously take care of establishing, implementing and continually improving the Information Security Management System (ISMS) and act as an interface between the top managerial level and the operational business areas. This CIS Course will safely take you to your goal – it imparts the key elements of the international standard ISO/IEC 27001 as well as its correct interpretation and implementation in a practice-oriented manner.

Your advantage: this includes your personal copy of the norm ISO 27001 and ISO 27002.

Objective

After completing this series of courses, you will be familiar with the processes and standard requirements for implementing ISO 27001 and ISO 27002 and will be able to apply them in practice. You are familiar with the laws and regulations relevant to information security and have the tools to be a competent contact for legal advisors. Furthermore, you know how to form, lead and motivate teams and can successfully implement projects.

Certification

CIS is accredited for personnel certification by the Austrian Ministry for Economic Affairs. This means the Certificates for Individuals are documents recognized on a national and international scale.

Content & Sequence of the series of courses

As the requirements placed on Information Security Managers are so high, the bow of the contents of the training is bent quite far. The course includes three modules, which can be attended independently one from another:

  • Module 1: the ISO 27001 / ISO 27002 Standards
  • Module 2: legal bases
  • Module 3: psychological bases for IS Managers

After successful completion of the examination you will obtain the recognized Certificate “Information Security Manager” acc. to ISO 27001.

As a certified IS Manager, you will also meet the requirements for participating in the continuing IS Auditor Training offered by CIS.

 

The series of courses lasts 4 days and is structured as follows:

Day 1 + 2: The ISMS standards ISO 27001 and ISO 27002: Implement and optimize information security properly (ISMN).
Day 3: Legal basics for information security managers: Compliance
Day 4: Psychological basics: From employee motivation to conflict management (ISMP) and examination for Information Security Manager (ISM-P), duration approx. 1 hour

Single Modules are offered after request.

Structure of Series of courses Information Security Manager acc. to ISO 27001

Single Modules are offered after request

Module 1 – The ISMS Standards ISO 27001 and ISO 27002:

Correctly implementing and optimizing information security

Overview:

This module in the training course series teaches how to understand and effectively implement the normative requirements of ISO/IEC 27001, as amended, for an Information Security Management System (ISMS). This includes:

  • the responsibilities and tasks of top management
  • the identification of the information security requirements within the context of the organization and the requirements of interested parties
  • deriving the risk acceptance criteria and fundamentals of risk management
  • the resources needed for an ISMS
  • determining the performance of the ISMS based on key performance indicators and results of internal IS audits
  • determining the improvement measures on the basis of the decisions from the management review.

In addition, the controls from Annex A of ISO/IEC 27001 are presented together with the implementation guidance stated in ISO/IEC 27002.

Many of these topics are clarified by practical examples.

Goal of the seminar:

After successful completion of this module, participants will know the standard requirements of ISO/IEC 27001 and will be able to implement them in an organization. Furthermore, they will have an overview of the controls stated in Annex A of ISO/IEC 27001 and will be able to evaluate and use the implementation guidance of ISO/IEC 27002.

Duration:

2 days

Module 2 – Psychological bases for IS Managers:

From people motivation to the capabiltiy of handling conflicts

Overview:

Sometimes establishing new systems is faced with opposition – unless you are in command of the high school of psychology. This one-day seminar will impart you the bases enabling you to successfully implement the technical knowledge acquired within a company. This includes such soft skills as moderation skills, capability of working in a team, capability of handling conflicts, interdisciplinary cooperation or knowledge of relational models, group dynamic processes and motivation techniques.

A manager’s way of seeing himself/herself also is one of the decisive success factors

Goal of the seminar:

The participants will be enabled to successfully put through the corporate goals with as few frictional losses on the relational level as possible. They will also learn how to establish, manage and motivate project teams.

Duration:

1 day

Module 3 – Legal bases for IS Managers:

Identifying and competently implementing requirements relating to compliance

Overview:

One important element in the field of information security is formed by laws regulating protection of data. In this one-day seminar, three priorities will be imparted to you.

  1. Data protection & Data security: This block provides information on: data worth protecting, ways of using data, data secrecy, and the rights of data subjects, penalties and compensation; furthermore, the topics of protection and control of employees as well as software protection are addressed.
  2. E-Commerce: This chapter deals with the E-Commerce Directive, remote sales and the Signature Act.
  3. Copyright, domain-names: The last section is devoted to trade-mark protection and protection of names and identification marks.

Goal of the seminar:

The participants know the laws relevant to information security and can autonomously apply the most important rules. They have the basic skills enabling them to be competent contact persons for legal consultants called in.

Duration:

1 day

Examination IS Manager

Content of the examination:

The contents of the examination refer to the three CIS Course Modules

  • The ISMS Standards ISO 27001 and ISO 27002
  • Psychological bases for IS Managers
  • Legal bases for IS Managers

Admission to examination:

The admission conditions for each examination are stated in the CIS - course content. Registration to an examination will have to be done in writing with CIS, compliance with the admission conditions having to be demonstrated by the person applying for the Certificate. If the person applying for the Certificate has attended the trainings within the qualification programs of CIS, the trainings will be recognized automatically if the applicant was present at least 80% of the period covered by the event. If a person applying for the Certificate wants to have other trainings credited, it is necessary to have the equivalence of these trainings with the certification program stated.

For stating this equivalence, a separate written application will have to be filed. A presentation of the trainings completed and a comparison with the requirements placed by the certification program will have to be enclosed to this application. The respective requirements can be requested from the Certification Body.

For reviewing conformity to the certification program and topicality of the references provided by the person applying for the Certificate, a qualification check will be made. This check is made up of oral technical discussions lasting 30 to 60 minutes and will be carried.

Conduct of the examination:

The written examination (multiple choice) will take 1 hour.

Certificate:

Upon positive completion of the examination, the Certificate “Information Security Manager” will be issued.

Period of validity of the Certificate:

3 years

Prolongation criteria:

  • evidencing 3 years’ job experience in information security management
  • one CIS Further Training Event (Refresher) within 3 years
Participation fee

The participation fee for the entire Information Security Manager course series, including examination and certificate, is € 3.290,- (excl. 20 % VAT).

Prices for individual modules on inquiry. Please contact us at trainings@cis-cert.com.

Prerequisites

Prerequisites for examination: Participation in all modules of the CIS IS Manager training or equivalent training

Events

07.10.2024 to 10.10.2024
German
 3.290,00Regulärer Preis
exklusive 20% MwSt.
11.11.2024 to 14.11.2024
German
 3.290,00Regulärer Preis
exklusive 20% MwSt.
25.11.2024 to 28.11.2024

 

Online

NEW in English

 3.290,00Regulärer Preis
exklusive 20% MwSt.
10.02.2025 to 13.02.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
17.03.2025 to 20.03.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
07.04.2025 to 10.04.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
12.05.2025 to 15.05.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
02.06.2025 to 05.06.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
08.09.2025 to 11.09.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
06.10.2025 to 09.10.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.
10.11.2025 to 13.11.2025
German
 3.490,00Regulärer Preis
exklusive 20% MwSt.

Please note that deviations from the new course program may arise in terms of content and participation fees.

Our experts for this area

Impartial. Competent. Trustworthy.

Team

Portraitfoto Robert Jamnik

Mr. Robert Jamnik

Head of Audit Services, Lead Auditor ISO 20000, ISO 27001 and NISV

+43 1 532 98 90