Certcube ISO 27001 LA


ISO 27001 is a structured set of guidelines and specifications that helps organizations develop their own information security framework. The standard applies to all information assets in an organization, regardless of the media on which they are stored or where they are located.

ISO 27001:2013 has 14 domain areas, 35 control objectives and 114 controls in all. The security controls represent information security best practices, and the standard suggests that these controls should be applied depending on the business requirements.









Module 1: An Introduction to the Basics
  • Introduction
  • The structure of ISO 27001
  • Information security principles
  • Implementing ISO 27001 as a project
  • Documenting ISO 27001 requirements
  • ISO 27001:2013 Certification Process
  • Importance of Information in ISMS
  • CIA and DAD Triads
  • Need of ISMS
  • Conformance vs. Compliance
  • ISMS Purpose and Objectives
  • Benefits of ISMS


Module 2: ISO 27001 project planning
  • Understanding the organization and its context [clause 4.1]
  • Understanding the needs and expectations of interested parties [clause 4.2]
  • Determining the scope of the ISMS [clause 4.3]
  • Leadership and commitment [clause 5.1]
  • Information security policy [clause 5.2]
  • Organizational roles, responsibilities and authorities [clause 5.3]
  • Information security objectives [clause 6.2]
  • Resources [clause 7.1]
  • Competence [clause 7.2]
  • Awareness [clause 7.3]
  • Communication [clause 7.4]
  • Documented information [clause 7.5]


Module 3: Risk management & treatment plan
  • Addressing risks and opportunities [clause 6.1.1]
  • Risk management process [clause 6.1.2]
  • Risk identification [clause 6.1.2]
  • Risk analysis and evaluation [clause 6.1.2]
  • Information security risk treatment [clause 6.1.3]
  • Statement of applicability [clause 6.1.3]
  • Risk treatment plan [clause 6.1.3]


Module 4: Formulation and controlling
  • Formulating the risk treatment plan [clause 6.1.3]
  • Implementing the risk treatment plan [clause 8.3]
  • Operational planning and control [clause 8.1]
  • Operating the ISMS [clause 8]
  • Managing outsourcing of operations [clause 8.1]
  • Controlling changes [clause 8.1]
  • Risk assessment review [clause 8.2]


Module 5: Measures, analysis & evasion
  • Monitoring, measurement, analysis, and evaluation [clause 9.1]
  • Internal audit [clause 9.2]
  • Management review [clause 9.3]
  • Nonconformities and corrective actions [clause 10.1]
  • Continual improvement [clause 10.2]


Module 6: Annex A objectives & controls
  • Introduction to Annex A – reference control objectives and controls
  • Information security policies [A.5]
  • Organization of information security [A.6]
  • Human resources security [A.7]
  • Asset management [A.8]
  • Access control [A.9]
  • Cryptography [A.10]
  • Physical and environmental security [A.11]
  • Operational security [A.12]
  • Communications security [A.13]
  • System acquisition, development and maintenance [A.14]
  • Supplier relationships [A.15]
  • Information security incident management [A.16]
  • Information security aspects of business continuity management [A.17]
  • Compliance [A.18]


Module 7: Audit 1
  • Auditor assumptions
  • Techniques for finding evidence
  • Sampling the records
  • Interviewing techniques
  • The audit findings
    • Nonconformities
    • Observations
  • Internal vs. External audit
  • Audit planning for an individual audit
  • Creation of the checklist
  • Principles of auditing
  • Audit criteria and objectives
  • Audit scope
  • Selecting audit methods
  • Sampling evidence in audits
  • Types of remote auditing techniques
  • Deciding when to use remote auditing techniques
  • Planning the use of remote auditing techniques
  • Managing audit risks
  • Preparing the audit plan
  • Allocating audit activities to auditors
  • Preparation of audit resources


Module 8: Audit 2
  • Managing site visits
  • Debriefing sessions
  • Dealing with conflicts
  • The importance of managing your audit team
  • Communication with the team before the audit
  • Managing audit progress
  • Managing audit findings
  • Managing audit records
  • Evaluating your audit management
  • How to reach audit conclusions
  • Planning the closing meeting
  • Holding an effective closing meeting
  • Dealing with feedback at closing meetings
  • Effective audit report writing
  • Post-audit activities, corrections, and corrective actions


Who should attend this training?
  • Freshers
  • Ethical hackers
  • System Administrators
  • Network Administrators
  • Engineers
  • Web admins
  • Auditors
  • Security Professionals

Why should I take this training?

Technology is advancing every day, but growing dependence on it has also increased cyber fraud and attacks. To defend yourself and your business, this is the most suitable training for entering this domain.

Prerequisite of the training?

The person should be familiar with basic computer operations.

What is the total duration of the training?

It's an instructor-led online training, and the total duration of the training is 45 hours.


Our clients


Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs.
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowledgeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

A good place to learn every small detail in cybersecurity. Really nice and helpful teacher.


Btech, BITS Mesra
