ISO/IEC 27001:2022 Overview

Overview

ISO/IEC 27001 is an international standard that provides a framework for Information Security Management Systems (ISMS) to help organizations secure their information assets. It sets out the criteria for establishing, implementing, maintaining, and continually improving an ISMS, and includes aspects such as risk management, security controls, and compliance. This standard is important for organizations as it helps in protecting sensitive information, managing risk effectively, and building trust with stakeholders by demonstrating security best practices. This course provides a foundational overview of the ISO/IEC 27001 standard and what an organization would need to plan, execute and maintain an ISO/IEC 27001 certification. This course also provides a brief overview of some of the changes from the 2018 version to the 2022 version.
ISO/IEC 27001:2022 Overview Overview
ISO/IEC 27001 is an international standard that provides a framework for Information Security Management Systems (ISMS) to help organizations secure their information assets. It sets out the criteria for establishing, implementing, maintaining, and continually improving an ISMS, and includes aspects such as risk management, security controls, and compliance. This standard is important for organizations as it helps in protecting sensitive information, managing risk effectively, and building trust with stakeholders by demonstrating security best practices. This course provides a foundational overview of the ISO/IEC 27001 standard and what an organization would need to plan, execute and maintain an ISO/IEC 27001 certification. This course also provides a brief overview of some of the changes from the 2018 version to the 2022 version.
Clock icon0h 3m
WEBVTT Thank you so much for joining us here at ACI Learning. I'm your host, Lauren Deal, and I'll be your learner advocate as we go along asking Chris Ward all the questions you probably have at home about the ISO IEC 27001. Welcome in, Chris. Good to be with you, as always, Lauren, and excited to walk our students, our viewers, through the standard for information security management, and that's really what this entire course is going to be about. Well, I'm excited to be jumping in because this is something that it's great to have the knowledge base behind it, but it's also something that you can have some brag-worthy rights to if you get the certification. Is that right? Well, definitely, we are brag-worthy, I guess, here at ACI IT Pro because we are ISO 27001 certified. And what that means is that if you are a customer of ours, which all of you who are viewing probably are, it means that we take your information, your data, very seriously, and that because we handle it, because we deal with it on a day-to-day basis, well, guess what? We make sure that it is protected, that we follow the confidentiality, integrity, availability of the CIA or the iron triangle. We make sure that people are authenticating and that there is non-repudiation, and that all of this is put together into a system, the information security management system, and that way we know that if there's any bad actors or actresses out there that are trying to gain access to that, we are doing our utmost to protect it for you. And so what does that mean for those of you who are watching this particular course? We are gonna walk you through the actual ISO, IEC 27001, and you would put a little colon, 2022. In fact, our good friend Titus, our director, is gonna put that up for you on the screen. You get to see what it actually looks like. Here you go, the international standard. Notice it is a standard. This is the third edition. And this is all about information security, cybersecurity, and privacy protection, and the information security management systems requirements. And what that means is in order for your organization to say that they are ISO, IEC 27001 certified, is that you are doing all of, as we're gonna always do to see, the shawls. Now there's not a personal certification. So for you as an individual, you are not going to become ISO, IEC 27001 certified. So you don't get a certification. Your organization, on the other hand, can be certified. And maybe that's why you're watching this. Maybe that's why you're thinking, well, I've been tasked by my boss, my management, or senior management of your organization to look into this. What is that going to be, or what's going to be expected of you, I should say. And the good thing is, is that we're gonna walk you through this from the beginning to the end, and give you just a nice overview of, hey, this is what's expected. Here's what it's going to be like when you go through this particular process, Lauren. - I'm so glad that we get a chance to see the document, and we're gonna be diving into it a little bit deeper as we go through this together. So we're gonna jump into our first episode, and start talking about the ISO, IEC 27001. Click next.

Learning Style

On Demand

Length of course

4h 53m
25 Episodes

Here are the topics we'll cover

  • Course Overview
  • Standard Overview
  • The Organization
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance Evaluation
  • Improvement
Learning Options

Options for this course

Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.