Building an ISO 27001-Compliant Cybersecurity Program: Getting Started

Marc Menninger

1:29:25

  • 01.01-the international standard for information security.mp4
    01:05
  • 01.02-who this course is for and prerequisites.mp4
    00:59
  • 02.01-what is the iso 27001 standard.mp4
    04:57
  • 02.02-breaking down the iso 27001 standard.mp4
    03:33
  • 02.03-why build an iso 27001-compliant cybersecurity program.mp4
    02:55
  • 02.04-iso 27001 gaps and criticisms.mp4
    03:24
  • 03.01-iso 27001 compliance and certification.mp4
    03:23
  • 03.02-what to expect when getting iso 27001 certified.mp4
    04:14
  • 03.03-building your iso 27001 compliance plan.mp4
    04:33
  • 03.04-begin the iso 27001 compliance process introduction to clauses 4 through 10.mp4
    03:22
  • 04.01-context of the organization and needs of interested parties (clauses 4.1 and 4.2).mp4
    04:07
  • 04.02-the information security management system (isms) and its scope (clauses 4.3 and 4.4).mp4
    04:25
  • 05.01-leadership and commitment (clause 5.1).mp4
    03:13
  • 05.02-policy (clause 5.2).mp4
    03:33
  • 05.03-organizational roles responsibilities and authorities (clause 5.3).mp4
    02:54
  • 06.01-information security risk assessment (clause 6.1.2).mp4
    06:01
  • 06.02-information security risk treatment (clause 6.1.3).mp4
    03:04
  • 06.03-information security objectives and planning to achieve them (clause 6.2).mp4
    02:36
  • 07.01-resources competence and awareness (clauses 7.1 7.2 and 7.3).mp4
    04:44
  • 07.02-communication (clause 7.4).mp4
    02:07
  • 07.03-documented information (clause 7.5).mp4
    03:32
  • 07.04-operational planning and control risk assessment and risk treatment (clauses 8.1 8.2 and 8.3).mp4
    03:12
  • 08.01-monitoring measurement analysis and evaluation (clause 9.1).mp4
    03:08
  • 08.02-internal audit (clause 9.2).mp4
    03:44
  • 08.03-management review (clause 9.3).mp4
    02:15
  • 08.04-corrective action and continual improvement (clause 10).mp4
    03:12
  • 09.01-next steps to take with iso 27001.mp4
    01:13
  • Ex Files Building ISO 27001 Compliant Cybersecurity Program.zip
  • Description


    If you’re an information security manager, your day-to-day work life depends on meeting recognized standards of practice. In this new two-part course, instructor Marc Menninger takes a closer look at what the ISO 27001 standard is and why it’s used around the world to build information security programs that work.

    Discover why the ISO 27001 standard is one of the most popular frameworks for building effective cybersecurity programs. Learn what it takes to comply with and become certified as compliant with the standard. Find out how the standard is organized, get a description of the certification process, and explore an easy-to-follow, step-by-step plan for building a cybersecurity program that’s ISO 27001-compliant as defined by clauses four through ten. Along the way, Marc gives you handy reference documents and checklists that you can use to retain what you learn and track your compliance progress.

    Marc Menninger
    Security leader with 20+ years of practical enterprise security experience including strategy, policies, governance, technology, risk management, and team development. I have a proven track record of success in strengthening the security posture of the organizations that I serve.

    KEY ACCOMPLISHMENTS
    • Planned, developed, and implemented company-wide information security program from scratch based on ISO 27001 security framework
    • Led successful completion of multiple third-party penetration tests and ISO 27001, HIPAA, and SOC 2 Type 2 audits
    • Wrote and implemented new information security policies, procedures, and standards in alignment with ISO 27001
    • Instituted and chaired the Information Security Steering Committees (ISSC) consisting of company executives and directors
    • Directed the implementation of the company's first Security Information and Event Management (SIEM) system

    CERTIFICATIONS & ASSOCIATIONS
    • Certified Information Systems Security Professional (CISSP) since 2000
    • Certified in Risk and Information System Controls (CRISC)
    • ISACA Board Member
    • Seattle SecureWorld Expo Advisory Council
    • Rotary International member since 2008

    INDUSTRY EXPERIENCE
    • Federal, financial, and technology background
    • ISO 27001-aligned information security program development and management
    • Security project management
    • Governance, Risk and Compliance (GRC)
    • ISO 27001, PCI DSS, SOC 2, HIPAA, FedRAMP, and GLBA compliance gap analysis
    • Security policy and standards development
    • Vulnerability management
    • Network security audit and assessment
    • Security training and awareness

    LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.
    • language english
    • Training sessions 27
    • duration 1:29:25
    • Release Date 2023/01/31