Information Security Management System

To support the preparation of participants in the Centre residential technical courses, the Centre provides an online web-based course on the theory of Information Security Management Systems.  This course is open to all individuals from CCDCOE member nations as well as NATO bodies. This course can be accessed through the NATO e-Learning Joint Advanced Distributed Learning Portal.

Learning Objectives

  • Define an ISMS
  • List the reasons why an organization should implement an ISMS
  • Describe the methodologies that could be used to evaluate risks and to select security controls for information systems
  • Give examples well-known international and national ISMS standards and frameworks
  • Describe the process of implementation of an ISMS

Target Audience

The TA of this module is the same TA, as the targeted TA of most of residential technical courses provided by the Centre.

Outline

  • Introduction of a formal system that is used to manage risks to information systems – an information security management system (ISMS)
  • Discussion of the implementation of an ISMS
  • Methodologies of the evaluation of risks and the selection of security controls, which an ISMS should include
  • Some well-known ISMS standards and frameworks
  • Circular process of implementation of an ISMS

Prerequisites

The requirements of most of residential technical courses provided by the Centre apply.

Registration

The course can be accessed through the NATO e-Learning Joint Advanced Distributed Learning portal and is available to all users of the portal. Once registered, users may access the course by navigating to the ‘Centres of Excellence’ -> ‘COE Cyber Defence’ -> ‘Information Security Management System’ course listing.