KEY QUESTION
How does your organization maintain qualifications, skills, and competencies necessary to protect your information assets?

Services

Training and Workshops

JBW Group International offers Training and Workshops to Security Professionals, Information Technologists, Systems Analysts and others involved with developing and managing Information Systems. The courses use a mixture of classroom lecture, interactive group discussions and exercises to achieve their aim. Students come away with a detailed understanding of the course content and understand the requirements for the implementation of their new knowledge. The practical exercises are based upon fictional companies; however, the procedures, work instructions and data are typical and could relate to many different enterprises equally.

JBW Group International also provides workshops that are designed to help Senior Management understand how to implement the standards, meet legal and regulatory requirements, effectively manage risk and provide a tangible return on investment. Security Professionals, Information Technologists, Systems Analysts and others involved with developing and managing Information Systems will come away with an understanding of the general requirements, 11 areas, 39 control objectives and 133 specific controls that make up ISO 27001:2005.

Seminars and Workshops

ISO 27001 Executive Briefing
ISO 27001 Boot Camp
ISO 27001 Introductory Workshop for Privacy Professionals

ISO 27001 Executive Briefing
This one-hour executive briefing is targeted at the C-level executive seeking a greater understanding of the standard, the benefits of implementation for the organization and a high-level view of what it contains. It also articulates the requirements of senior management’s role in the successful implementation of an ISMS. The remainder of the session includes requirements for implementation, a review of auditing an ISMS and a high-level view of the certification process.

ISO 27001, the internationally recognized Information Security Management Specification with Guidance for Use, is intended to provide the foundation for third party audit, and is harmonized with other management standards, such as ISO 9001 and ISO 14001. This standard helps establish and maintain an effective information management system within businesses.

Workshops are presented by John B. Weaver, President, CEO and Principal Consultant with JBW Group International Inc. He is one of four instructors in the Western Hemisphere and six instructors worldwide teaching BS7799 Audit and Implementation for BSI Americas, the for-profit training service of the British Standards Institute. Mr. Weaver is well respected internationally in the field of Information Security and has over sixteen years of experience in Internet and Information Security.

ISO 27001 Boot Camp
Whether the organization has never heard of ISO 27001/ISO 27002 or completely understands the power it contains and wants to jumpstart ISMS implementation, a great first step is the ISO 27001/ISO 27002 Boot Camp. This half-day interactive seminar is designed to provide any organization with an overview of the standard and is structured to meet the needs of the audience regardless of industry. It will answer many of the questions businesses have regarding ISO 27001, including:
• What does it mean to be "certified?"
• How does it help the organization to protect information assets?
• Does an organization have to be certified to benefit from the standard?
• What is required of an organization to implement ISO 27001/ISO 27002?

The ISO 27001/ISO 27002 Boot Camp is also divided into sections appropriate to the audience:
• Executive Briefing
• ISO 27001 "Deep Dive"
• Implementation Basics
• Audit and Certification

The first hour is geared towards the requirements of Senior Management. The Executive Briefing covers the origins, history and benefits of the standard and provides a high-level view of what it contains. The requirements of senior management in the successful implementation of an ISMS are also articulated. The remainder of the session includes a detailed look at the standard, requirements for implementation, a review of auditing an ISMS and a high-level view of the certification process.

ISO 27001 Introductory Workshop for Privacy Professionals
Managing privacy compliance has become increasingly dependent upon systematically implemented information security management and effective coordination of policies and processes by privacy professionals with their counterparts in information security. At the same time, the ISO 27001 standard for information security management systems has become a recognized framework for implementing organizational structure, policies, processes and procedures for meeting the emerging legal and regulatory standard of "reasonable security" in the U.S., as well as international information security compliance requirements.

This workshop will provide a comprehensive introduction to ISO 27001 for privacy professionals, with an emphasis on:

  • Building a business-focused, adaptable and defensible information security compliance process to support privacy objectives, and
  • Utilizing the standard to effectively coordinate privacy and security compliance.

Workshop topics include:
Overview of ISO 27001

  • Evolution of the standard
  • Requirements for information security management systems
  • Controls
  • Guidance (ISO 27002:2005 Code of practice, commonly referred to as ISO 17799)

Implementation and Certification

  • Processes
  • Challenges (cross-functional compliance coordination, attainability and scalability)
  • Benefits to the CPO and CISO
  • Benefits to the organization

Coordinating Privacy and Security Management

  • Structures, processes, and controls that support specific privacy compliance objectives and tasks
  • ISO 27001 and other compliance frameworks and requirements sets (Federal Sentencing Guidelines, PCI-DSS, GLBA, HIPAA, NIST SP 800 series)
  • (This section can be customized to address specific client issues and objectives)

Contextual Examples

  • Preserving HR data compliance in mergers and acquisitions
  • Addressing preventative and incident management requirements of security breach notification laws
  • Using ISO 27001 to address PCI-DSS implementation and compliance, and developing compensating controls
  • (This section can be customized to address specific client issues, business environments and objectives)

 

For further information on scheduling a workshop for your organization, the services offered, or other Information Assurance questions, please contact us.