Information Security Management Expert based on ISO/IEC 27002:2013
Information security is becoming increasingly important. Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers) and a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet. Furthermore, activities of many companies now rely on IT, and information has become a valuable asset. Protection of information is crucial for the continuity and proper functioning of the organization: information must be reliable.
The module Information Security Management Expert based on ISO/IEC 27002:2013 (ISMES.EN) tests specialized knowledge, understanding and skills in structuring, maintaining and optimizing the security of information within an organization.
The international standard, the Code of Practice for Information Security ISO/IEC 27002:2013 structures the organization of information security. For that reason, it is an important point of departure for this module.
Grupo objetivoIT professionals responsible for the partial or overall set up and development of structural information security, like the Chief Information Security Officer, CISO, the Information Security Manager, ISM, or the Business Information Security Architect, BISA.
ContextoThe ISMES module is the continuation of Information Security Foundation (ISFS.EN) and Information Security Management Advanced (ISMAS.EN).
- The Information Security Foundation Certificate.
- The Information Security Management Advanced Certificate.
- The participant has to have at least 2 years of tangible practical experience at the management level in at least two of the main topic areas (examination requirements) of this module.
Requirements for the certificate
- The Information Security Management Expert training course or coaching track with an EXIN accredited training provider (ATP).
Especificaciones del examen
- Organization of information security (establishing Information Security Management System, ISMS) 20%
- Information security policy 10%
- Risk analysis 10%
- Organizational change and –development pertaining to Information Security 40%
- Standards and norms 10%
- Audits and certification 10%
Detalles del ExamenNumber of questions: Not relevant
Pass mark: 55%
Open book: No
Electronic equipment permitted: For presentation