ISO 27001:2022-Compliant Cybersecurity: Getting Started

Marc Menninger

1:22:17

192 View
  • 01 - The international standard for information security.mp4
    00:43
  • 02 - Who this course is for and prerequisites.mp4
    00:58
  • 01 - What is the ISO 27001 standard.mp4
    03:47
  • 02 - Breaking down the ISO 27001 standard.mp4
    03:12
  • 03 - Why build an ISO 27001-compliant cybersecurity program.mp4
    02:50
  • 04 - ISO 27001 gaps and criticisms.mp4
    03:10
  • 05 - ISO 270012013 and ISO 270012022 differences and mapping.mp4
    02:32
  • 01 - ISO 27001 compliance and certification.mp4
    03:02
  • 02 - What to expect when getting ISO 27001 certified.mp4
    04:09
  • 03 - Building your ISO 27001 compliance plan.mp4
    03:38
  • 04 - Begin the ISO 27001 compliance process Introduction to Clauses 4 through 10.mp4
    03:02
  • 01 - Context of the organization and needs of interested parties (Clauses 4.1 and 4.2).mp4
    03:44
  • 02 - The information security management system (ISMS) and its scope (Clauses 4.3 and 4.4).mp4
    04:04
  • 01 - Leadership and commitment (Clause 5.1).mp4
    02:51
  • 02 - Policy (Clause 5.2).mp4
    03:10
  • 03 - Organizational roles, responsibilities, and authorities (Clause 5.3).mp4
    02:39
  • 01 - Information security risk assessment (Clause 6.1.2).mp4
    05:18
  • 02 - Information security risk treatment (Clause 6.1.3).mp4
    02:48
  • 03 - Information security objectives and planning to achieve them (Clause 6.2).mp4
    02:27
  • 01 - Resources, competence, and awareness (Clauses 7.1, 7.2, and 7.3).mp4
    04:08
  • 02 - Communication (Clause 7.4).mp4
    02:00
  • 03 - Documented information (Clause 7.5).mp4
    03:18
  • 04 - Operational planning and control, risk assessment, and risk treatment (Clauses 8.1, 8.2, and 8.3).mp4
    02:57
  • 01 - Monitoring, measurement, analysis, and evaluation (Clause 9.1).mp4
    02:58
  • 02 - Internal audit (Clause 9.2).mp4
    03:18
  • 03 - Management review (Clause 9.3).mp4
    02:01
  • 04 - Nonconformity, corrective actions, and continual improvement (Clauses 10.1 and 10.2).mp4
    02:52
  • 01 - Continuing your ISO 27001 compliance journey.mp4
    00:41
  • Description


    Discover why the ISO 27001-2022 standard is one of the most popular frameworks for building effective cybersecurity programs and learn what it takes to comply with and get certified as compliant with this standard. In this course, cybersecurity director Marc Menninger provides an overview of how to build an ISO 27001-2022-compliant cybersecurity program. Learn what this standard is and discover why it is used around the world as the guidebook for constructing information security programs that work. Dive into how the standard is organized and get a description of the certification process. Explore a step-by-step plan that you can follow if you want to build a cybersecurity program that complies with the ISO 27001-2022 standard. Additionally, go over gaps and criticisms of the standard and examine ways to fill those gaps. With the information in this course, you can begin to build a cybersecurity program that is both effective and compliant with ISO 27001-2022.

    Marc Menninger
    Security leader with 20+ years of practical enterprise security experience including strategy, policies, governance, technology, risk management, and team development. I have a proven track record of success in strengthening the security posture of the organizations that I serve.

    KEY ACCOMPLISHMENTS
    • Planned, developed, and implemented company-wide information security program from scratch based on ISO 27001 security framework
    • Led successful completion of multiple third-party penetration tests and ISO 27001, HIPAA, and SOC 2 Type 2 audits
    • Wrote and implemented new information security policies, procedures, and standards in alignment with ISO 27001
    • Instituted and chaired the Information Security Steering Committees (ISSC) consisting of company executives and directors
    • Directed the implementation of the company's first Security Information and Event Management (SIEM) system

    CERTIFICATIONS & ASSOCIATIONS
    • Certified Information Systems Security Professional (CISSP) since 2000
    • Certified in Risk and Information System Controls (CRISC)
    • ISACA Board Member
    • Seattle SecureWorld Expo Advisory Council
    • Rotary International member since 2008

    INDUSTRY EXPERIENCE
    • Federal, financial, and technology background
    • ISO 27001-aligned information security program development and management
    • Security project management
    • Governance, Risk and Compliance (GRC)
    • ISO 27001, PCI DSS, SOC 2, HIPAA, FedRAMP, and GLBA compliance gap analysis
    • Security policy and standards development
    • Vulnerability management
    • Network security audit and assessment
    • Security training and awareness

    LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.
    • Language: English
    • Training sessions: 28
    • Duration: 1:22:17
    • English subtitles: yes
    • Release date: 2023/07/24
