Industry 4.0, the so-called fourth industrial revolution, stands for intelligent networking of development, production, logistics and customers. It represents a multitude of information and data that are often of existential value to organizations. Protecting their availability, integrity and confidentiality is a central task. Information security encompasses all measures that help to become aware of existing risks, identify them, and take appropriate and suitable measures to protect them.

Information security - Questions and answers about ISO 27001

Due to insufficient security in information processing, the German economy alone suffers damage amounting to billions of euros every year. The reasons for this are complex and range from external disturbances, technical errors, and industrial espionage to misuse of information by former employees. But only those who recognize the challenges can also initiate appropriate measures. A well-structured information security management system in accordance with the internationally recognized ISO 27001 standard is an optimal basis for the effective implementation of a holistic security strategy. What exactly does this mean and what needs to be considered? Get answers to important questions about ISO 27001 right here.

CONTENT

  • What is information security?
  • What are the protection goals of information security?
  • What is an information security management system?
  • For which organizations is ISO 27001 useful?
  • What are the benefits of an information security management system?
  • What is the role of people?
  • ISO 27001 - Questions about the introduction
  • Why ISO 27001 certification?
  • DQS - What we can do for you

What is information security?

The answer to this question is quite simple in terms of the international family of standards for information security ISO 2700x:

"Information is data that is of value to the organization."

ISO/IEC 27000:2020-06: Information technology - Security techniques - Information security management systems - Overview and vocabulary

You see, information is an asset that should not fall into the hands of unauthorized persons, and that requires appropriate protection.

Information security is therefore everything that has to do with protecting your company's information assets. The decisive factor here is to be aware of the risks that exist in the context of the company, or to uncover them and counter them with appropriate measures based on needs.

"Information security is not IT security"

IT security refers only to the security of the technology deployed and not to the corporate assets to be protected. Organizational concerns, for example, access authorizations, responsibilities or approval procedures, as well as psychological aspects, also play an essential role in information security. However, secure IT also protects the information in the company.

What are the protection goals of information security?

According to the international standard ISO/IEC 27001, the protection goals for information security comprise three main aspects:

  • Confidentiality - protection of confidential information from unauthorized access, whether for reasons of data protection laws or on the basis of trade secrets covered by e.g. a Trade Secrets Act. It is the level of confidentiality that is relevant here.
  • Integrity - minimizing any risks, ensuring completeness and reliability of all data and information.
  • Availability - ensuring access and usability for authorized access to information, buildings and systems. This is essential for maintaining processes.

Certified information security according to ISO 27001

Protect your information with a management system that meets international standards ✓ DQS offers over 35 years of experience in certification ✓

Key questions about information security

  • What are my company's values?
  • Which company values need to be protected?
  • What attacks are the company assets exposed to?
  • Who has an interest in protecting this information?
  • What are appropriate measures?

What is an information security management system?

An information security management system (ISMS) according to ISO/IEC 27001 defines guidelines, rules and methods to ensure the security of information worth protecting in an organization. It provides a model for introducing, implementing, monitoring and improving the level of protection - in accordance with the systematic procedure of the PDCA cycle (Plan-Do-Check-Act) familiar with ISO 9001.

The aim is to identify and analyze potential risks and make them controllable through appropriate measures.

Valuable knowledge 

ISO 27001 in practice 

Our audit guide ISO 27001 - Annex A has been created by leading experts as a practical implementation guide and is ideal for better understanding selected requirements. The guideline is based on ISO/IEC 27001:2017.

You can find more information in our DQS Audit Guide ISO 27001 - Annex A

Why is information security management important?

Successful organizations use the structure and transparency of modern management systems to detect threats and target the deployment of contemporary security systems. At the heart of an information security management system is the security of your own information assets, such as intellectual property, financial and personnel data, as well as information entrusted to you by customers or third parties.

"Information security always means protecting significant information or data of value."

The risks to which the data worth protecting is exposed are many. They can arise from material, human and technical security threats. But only a holistic, preventive management system approach of an ISMS can address the entire spectrum of threats and ensure a company's business continuity.

For which organizations is ISO 27001 useful?

The answer to that question is very simple: for all. ISO 27001 can basically be applied in all organizations, regardless of their type, size and industry. And: all organizations benefit from the advantages of a structured management system. The implementation of an ISMS is influenced by the following factors:

  • The requirements and business objectives
  • The security needs
  • The business processes applied
  • The size and structure of the organization

What are the benefits of an information security management system?

An important question. ISO 27001 formulates the requirements for the systematic design and implementation of a process-oriented management system for information security. Decisive advantages can be achieved through this holistic approach:

  • The security of sensitive information becomes an integral part of the company's processes
  • Preventive safeguarding of the protection goals, confidentiality, availability and integrity of information
  • Maintaining business continuity through continuous improvement of the security level
  • Sensitization of employees and significantly increased security awareness at all levels of the company
  • Establishing an effective risk management process
  • Building trust with interested parties (e.g. tenders) through demonstrably secure handling of sensitive information
  • Adherence to relevant compliance requirements, more security of action and legal certainty

How can potential risks be managed?

Security risks can arise from material, human and technical threats. To achieve a traceable and appropriate level of security in the organization, a defined risk management process or method for risk assessment, risk treatment and risk monitoring is required. ISO/IEC 27005 provides good guidance on information security risk management.

What role do people play?

People are also a risk factor because the handling of sensitive information affects all employees and partners of a company without exception. They pose an increased security risk, whether through ignorance or human error. But only very few organizations regulate who may gain access to which information, and how it is to be handled.

"The new source of power is no longer money in the hands of the few, but information in the hands of the many." John Naisbitt, *1929, American. Futurologist

Binding regulations and a pronounced awareness of all information security concerns are therefore a basic prerequisite. The adaptation of corporate policy or the development of a suitable information security policy is considered essential here. The necessary sensitization of employees at all (management) levels is a matter for the boss and can take place, for example, through training courses, workshops or personal discussions.

ISO 27001 - Implementation questions

The question as to whether a company must already have introduced a management system, for example in accordance with ISO 9001, can clearly be answered with "no". ISO 27001 is a generic standard and - like all management system standards - stands on its own. This means that an organization can set up and implement an information security management system at any time and independently of any existing structures.

Nevertheless, companies that have a quality management system in accordance with ISO 9001 have already created a good basis for the step-by-step introduction of comprehensive information security.

In its structure and approach, ISO 27001 is based on the mandatory basic structure for all process-oriented management system standards, the High-Level Structure. Consequently, this offers you the possibility of easily integrating an information security management system into an already existing management system. Likewise, a joint certification according to ISO 27001 with ISO 20000-1 (IT Service Management) or ISO 22301 (Business Continuity Management) by DQS is possible.

Which documents can support the introduction?

The preferred basis for introducing a holistic management system for information security is the international ISO/IEC 2700x family of standards. It is intended to support organizations of all types and sizes in implementing and operating an ISMS. The degree of implementation within the organization can be checked by means of an internal audit.

Helpful components of the standard series are

  • ISO/IEC 27000:2018: Information technology - Security techniques - Information security management systems - Overview and vocabulary
  • ISO/IEC 27001:2013: Information technology - Security techniques - Information security management systems - Requirements (The new version of the standard was published in October 2022, more information to come)
  • ISO/IEC 27002-02 – Information security, cybersecurity and privacy protection – Information security controls. ISO 27002 defines a broad catalogue of general security measures designed to help organizations implement the requirements in Annex A of ISO 27001.
  • ISO/IEC 27003:2017: Information technology - Security techniques - Information security management systems - Guidance
  • ISO/IEC 27004-2016: Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation
  • ISO/IEC 27005:2018: Information technology - Security techniques - Information security risk management

All regulations are available from the ISO website.

ISO 27001 - Questions about the IT security officer?

Does ISO 27001 require an IT security officer? The answer is "yes".

One task within the information security management system is the appointment of an IT security officer by top management. The IT security officer is the contact person for all IT security issues. He or she should be integrated into all ISMS processes and closely interlinked with the IT managers - for example, when selecting new IT components and IT applications.

 

ISO 27001 in practice

The DQS Audit Guide (based on ISO 27001:2013)

Benefit from good audit questions and possible evidence on selected controls from Annex A from experts in the field.

It is more than just a checklist!  Download now

 

Why ISO 27001 certification?

Certification based on an accredited procedure is proof that a management system and measures have been implemented to systematically protect information assets. With the ISO 27001 certificate, you show "in black on white" that you have successfully established this system and are committed to its continuous improvement.

The DQS certificate, which is valued worldwide, is the visible expression of a neutral assessment and strengthens confidence in your company. This is a market advantage and provides a good prerequisite in tenders and security-critical customer businesses, such as financial service providers.

ISO 27001 - Questions about the certification process

All management systems that are assessed on the basis of international rules (ISO 17021) by an accredited certification body such as DQS are subject to the same certification process.

The initial certification consists of the system analysis (stage 1 audit) and the system audit (stage 2 audit), during which the auditors verify on-site that the overall system is functioning properly and that all requirements have been implemented. The certificate is then valid for 3 years.

In order to be able to guarantee the validity during the entire period, the management system must be verified annually. In the first and second year after the certificate is issued, DQS auditors therefore conduct shortened ISMS audits (surveillance audits), in which they consider, for example, the effectiveness of key system components or of corrective and preventive measures. Recertification then takes place after three years.

Companies that already have an existing management system should combine their audit programs and seek joint certification of their integrated management system (IMS).

Is matrix certification possible?

Matrix certification is possible for companies with multiple sites. In principle, the same requirements apply to ISO 27001 as to other ISO standards such as ISO 9001 or ISO 14001. DQS can ensure the integration of ISO 27001 into existing matrix procedures, i.e. joint external auditing with the other standards.

What are the advantages of ISO 27001 over TISAX?

TISAX® (Trusted Information Security Assessment Exchange) was developed as an industry standard specifically for the automotive industry and tailored to industry-specific needs. The basis for a TISAX® assessment is the VDA Information Security Assessment (VDA ISA) test catalogue, which is based, among other things, on the requirements of ISO 27001 or ISO 27002 and extends these to include topics such as prototype protection or data protection.

You can find more valuable knowledge on our TISAX® product page.

The aim of TISAX® is to ensure comprehensive (information) security for all stages in the supply chain. In addition, registration in a database simplifies the mutual recognition procedure. However, TISAX® is only recognized in the automotive industry. Customers from other industries may only recognize ISO 27001 as proof of an ISMS.

DQS - What we can do for you

DQS is your specialist for audits and certifications - for management systems and processes. With more than 35 years of experience and the know-how of 2,500 auditors worldwide, we are your competent certification partner, providing answers to all ISO 27001 questions.

We audit according to around 200 recognized standards and regulations as well as company and association-specific standards. We were the first German certification body to receive accreditation for BS 7799-2, the predecessor of ISO/IEC 27001, in December 2000. This expertise is still an expression of our worldwide success story.

We are happy to answer your questions

How much work do you have to do to get your ISMS certified according to ISO 27001? Get information free of charge and without obligation.

We look forward to talking to you.

Show more
Show less

TISAX (Information Security in the Automotive Industry)

TISAX (Information Security in the Automotive Industry)

Instructor Led Training

IATF 16949:2016 | International Automotive Task Force | Lead Auditor Training | South Africa

Apr 22-26 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

IATF 16949:2016 | International Automotive Task Force | Internal Auditor Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 08-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

IATF 16949:2016 | International Automotive Task Force | Implementation Training | South Africa

May 07-08 , 2024, 08:00-16:00 - Aug 13-14 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

IATF 16949:2016 | International Automotive Task Force | Awareness Training | South Africa

Apr 08 , 2024, 08:00-16:00 - Aug 12 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
vda-isa-5-dqs-auto in einer wolke von elektronik
Loading...

New ISA Catalog 6.0 valid from April 1, 2024

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

VDA ISA Catalogue 5.1: Current basis for TISAX® assessments

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Automotive Cyber Security: New mandatory regulations

vda-isa-5.1-dqs-electric car with AI artificial intelligence using 3D modeling technology of visuali
Loading...

TISAX® - How to start the assessment well prepared

Blog
automotive-dqs-kfz in futuristischer farbgebung
Loading...

TISAX® - Answers to important questions

Information Security versus IT Security

Information security versus IT security

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Standards for information security - an overview

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Information security protection goals and their significance

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

IT security vs. information security - what's the difference?

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

ISO 27001 Annex A: Responsibilities and Roles of Employees

Information security in an organisation

The globalization of production, trade and services is driven by the progress of digitalization. Increasingly powerful information technologies present companies with major challenges when it comes to information security. In this context, it is not only important to effectively protect one's own know-how, but increasingly also to meet customer requirements and strengthen competitiveness through an effectively implemented information management system.

Blog
Mixing console in a recording studio with sliders at different heights
Loading...

Configuration management in information security

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
Portrait of Smiling IT Specialist Using Tablet Computer in Data Center. Big Server Farm Cloud Comput
Loading...

Embarking on the ISO 27001 Journey with DQS: Strengthening Information Security

Blog
scc-scp-certification-dqs-two workers in the petrochemical industrial plant
Loading...

Sibanye-Stillwater receives ISO 27001 certification through DQS.

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Experiences of aLIVE-Service GmbH with the ISMS standard

ISO 27001 Quality standards assurance business technology concept.; Shutterstock ID 1348453067; purc
Loading...

ISO 27001 Audit Guideline

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Corporate information security: A case study of Mubea group

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Information security incidents: Employees as a success factor

Information Security and Data Protection

Information Security and Data Protection

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
technical-measures-information-security-dqs-servers-cabinet-with-grid-door-and-lockable-door-handle
Loading...

Technical measures in information security

it-security-information-security-dqs-purple lock in animation
Loading...

Questions and answers about ISO 27001:2022

Blog
Portrait of Smiling IT Specialist Using Tablet Computer in Data Center. Big Server Farm Cloud Comput
Loading...

Embarking on the ISO 27001 Journey with DQS: Strengthening Information Security

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Implementer Training | South Africa

On demand
Classroom or Virtual | English
Blog
Code, HTML, PHP Web-Programmierung Quellcode. Abstrakter Codehintergrund
Loading...

Secure Coding - Challenges in Information Security

Blog
Cyberattack - Bildschirm zeigt Zahlencodes mit Warnsignalen
Loading...

Detection and Prevention in Information Security Management

Blog
neue-iso-iec-27001-2022-blog-dqs-projektmanager unterhalten sich bei benutzung eines tablets in einer zentrale
Loading...

The new ISO/IEC 27001:2022 - key changes

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Data protection management with a certificate

cisis12-certification-dqs-man taps on laptop on which abstract 3d data protection images can be seen
Loading...

ISO 27701 Data Protection Management System

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Digital health applications - A special case for data protection

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Data protection and information security - with ISO 27001 and ISO 27701

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Data protection audits ensure compliance

Information Security and Risk Management

Information Security and Risk Management

Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Lead Auditor Practical Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 37301 | Compliance Management Systems | Lead Auditor Practical Training | South Africa

Apr 22-26 , 2024, 08:00-16:00 - Aug 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 37301 | Compliance Management Systems | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 37301 | Compliance Management Systems | Implementation Training | South Africa

May 07-08 , 2024, 08:00-16:00 - Aug 13-14 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 37301 | Compliance Management Systems | Awareness Training | South Africa

Apr 08 , 2024, 08:00-16:00 - Aug 12 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
a young woman sits at a desk in front of a screen with a reference to cloud storage
Loading...

Cloud security with ISO 27001:2022

Blog
technical-measures-information-security-dqs-servers-cabinet-with-grid-door-and-lockable-door-handle
Loading...

Technical measures in information security

Blog
ikt-security-for-business-continuity-dqs-in the system control centre a woman gives instructions via
Loading...

ICT security for business continuity - control 5.30 in ISO 27001

Blog
Portrait of Smiling IT Specialist Using Tablet Computer in Data Center. Big Server Farm Cloud Comput
Loading...

Embarking on the ISO 27001 Journey with DQS: Strengthening Information Security

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Implementer Training | South Africa

On demand
Classroom or Virtual | English
Workshop

Root Cause Analysis Techniques (RCAT™) - South Africa

On demand
Online or Classroom | English
Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Vulnerability management in the context of ISO 27001

Information Security Standards

The ISO/IEC 2700x family is an internationally recognized series of standards for the introduction of a holistic information security management system. At its core is ISO/IEC 27001, which contains certifiable requirements for identifying, assessing and managing risks to information-processing operations.

Instructor Led Training

ISO 55001 | Asset Management | Lead Auditor Training | South Africa

Apr 22-26 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 55001 | Asset Management | Internal Auditor Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 55001 | Asset Management | Implementation Training | South Africa

May 07-08 , 2024, 08:00-16:00 - Aug 13-14 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Lead Auditor Practical Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 55001 | Asset Management | Awareness Training | South Africa

Apr 08 , 2024, 08:00-16:00 - Aug 12 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 22301 | Business Continuity Management (BCM) | Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Lead Auditor Training | South Africa

Jun 10-14 , 2024, 08:00-16:00 - Sep 16-20 , 2024, 08:00-16:00 - Dec 02-06 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Internal Auditing Training | South Africa

May 27-29 , 2024, 08:00-16:00 - Aug 19-21 , 2024, 08:00-16:00 - Nov 18-20 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System | Implementation Training | South Africa

Apr 15-16 , 2024, 08:00-16:00 - Jul 08-09 , 2024, 08:00-16:00 - Oct 14-15 , 2024, 08:00-16:00
Online or Classroom | English
Instructor Led Training

ISO 27001 | Information Security Management System| Awareness Training | South Africa

Apr 09 , 2024, 08:00-16:00 - May 08 , 2024, 08:00-16:00 - Jun 04 , 2024, 08:00-16:00 - Jul 04 , 2024, 08:00-16:00 - Aug 14 , 2024, 08:00-16:00 - Sep 03 , 2024, 08:00-16:00 - Oct 07 , 2024, 08:00-16:00 - Nov 12 , 2024, 08:00-16:00 - Dec 09 , 2024, 08:00-16:00
Online or Classroom | English
Blog
Portrait of Smiling IT Specialist Using Tablet Computer in Data Center. Big Server Farm Cloud Comput
Loading...

Embarking on the ISO 27001 Journey with DQS: Strengthening Information Security

Instructor Led Training

ISO 27001 | Information Security Management System | Lead Implementer Training | South Africa

On demand
Classroom or Virtual | English
Blog
iso27002-aenderungen-dqs-ein code aus buchstaben und zahlen
Loading...

Revision of ISO 27002 - These are the changes

Blog
datenschutz-it-blog-dqs-mensch bewegt digitale anzeige
Loading...

Standards for information security - an overview