Introduction to ISO 27001 and Information Security Management Systems (ISMS)
Course Overview
- Overview of ISO 27001 and its relevance to financial institutions.
- Introduction to the concept of Information Security Management Systems (ISMS).
- Key components of ISO 27001: context, leadership, planning, support, operation, performance evaluation, and improvement.
- Importance of risk assessment in the context of information security.
- Establishing the scope of an ISMS and its alignment with business objectives.
Training Format: In-class, Virtual, In-house
Location: Lagos, Accra, Nairobi, Kigali
Language: English, French
Nigeria Price: ₦330000
Int'l., (Nigeria) Price: $1000
Ghana Price: $4000
Kenya Price: $5500
Rwanda Price: $6000
Nigeria Price: ₦330000
Int'l., (Nigeria) Price: $1000
Ghana Price: $4000
Kenya Price: $4000
Rwanda Price: $4000
The Audit Process and Risk Assessment
Content:
- Introduction to the auditing process within the context of ISO 27001.
- Phases of an audit: planning, fieldwork, reporting, and follow-up.
- Risk assessment methodology and its role in auditing financial institutions.
- Identifying information security risks, threats, and vulnerabilities in financial institutions.
- Understanding the controls that mitigate these risks.
- Key audit tools and techniques used in information security audits.
Auditing Information Security Controls and Compliance
Content:
- Review of Annex A controls in ISO 27001: Organizational, Human Resource, Physical, Technological, and Legal controls.
- Auditing technical and procedural controls: firewalls, encryption, access controls, etc.
- How to evaluate the effectiveness of implemented controls.
- Legal and regulatory requirements for financial institutions in relation to information security.
- Ensuring compliance with data protection laws and financial regulations.
Reporting, Follow-up, and Continuous Improvement
Content:
- Developing audit findings and preparing audit reports.
- Writing clear, actionable recommendations for improvements in information security practices.
- Follow-up process: tracking the implementation of audit recommendations.
- Importance of continuous improvement in ISMS.
- Conducting internal audits and preparing for external audits.
- Lessons learned and best practices for ongoing compliance.
1ST BATCH: Tuesday, March 24, 2026 — Friday, March 27, 2026.
2ND BATCH: Tuesday, July 14, 2026 — Friday, July 17, 2026.
3RD BATCH: Tuesday, November 10, 2026 — Friday, November 13, 2026.
The training methodology integrates lectures, interactive discussions, collaborative group exercises, and
illustrative examples. Participants will acquire a blend of theoretical insights and hands-on practical
experience, emphasizing the application of learned techniques. This approach ensures that attendees return
to their professional environments equipped with both the competence and self-assurance to effectively
implement the acquired skills in their responsibilities.
