ISO 27001 Training Schedule

ISO 27001 Training Schedule – Learn about our mission and vision for the future.

This section outlines our company’s mission and core values, providing a clear overview of our goals and purpose. It presents the vision that guides our business decisions and shapes the future direction of our company.

Date: Every first Friday of the month, 09:00 am CET

Location: MS Teams

ISO 27001 Training Schedule – How does ISO 27001 training work?

This section provides a detailed training plan, explaining step by step how to effectively implement and audit an information security management system in accordance with the ISO 27001 standard.

Step 1: Introduction to the Standard

This step describes the fundamentals of the ISO 27001 standard, its significance, and the objectives of the training, preparing participants for the subsequent stages of implementing an information security management system.

Step 2: Practical Implementation

This step provides a detailed overview of the techniques and tools needed to effectively implement ISO 27001 within an organization, drawing on best practices and case studies.

Step 3: Audit and Certification

This step outlines the process of auditing an information security management system and preparing for ISO 27001 certification, thereby enhancing confidence and compliance within the company.

ISO 27001 Training Plan – Comprehensive Program (1-day / 2-day / modular)

Below is a comprehensive, professional ISO 27001 training plan, developed in the JDA Advisory style: practical, operational, with a focus on real-world implementation, organizational maturity, auditing, risk, and compliance.

Training objectives:

  • Laying the groundwork for certification audits and maintaining compliance.
  • Understanding the requirements of ISO/IEC 27001:2022 and related standards (27002, 27005).
  • Ability to translate requirements into information security processes, roles, and controls.
  • Preparing to implement an ISMS in the organization.

Module 1. Introduction to ISO 27001

  • What is an ISMS and why is it essential?
  • The structure of the ISO 27001:2022 standard (Annex SL).
  • Differences between the 2013 and 2022 versions.
  • Links to NIS-2, DORA, GDPR, ENISA, and ISO 22301.
  • Key concepts: assets, risk, control, incident, continuity.

Module 2. Organizational Context and Strategic Requirements

  • Context and Stakeholder Analysis.
  • Scope of the Information Security Management System (ISMS) – How to Define It Correctly.
  • Information Security Policy.
  • Roles, Responsibilities, and Governance.

Module 3. Risk Management According to ISO 27005

  • Methodology for assessing information security risks.
  • Identification of assets, threats, vulnerabilities, and impacts.
  • Risk acceptance criteria.
  • Risk register, risk treatment plan.
  • Workshop: Risk assessment for a selected process.

Module 4. Security Controls – ISO 27002:2022

  • Structure of 93 controls across 4 domains:
      • Organizational
      • People
      • Physical
      • Technological
  • How to match controls to risks.
  • Examples of practical implementations (ICT, manufacturing, fintech, services).

Module 5. Security Incident Management

  • Incident definitions and classification.
  • Incident handling process (SOC/CSIRT).
  • Logging, reporting, and communication.
  • Integration with NIS-2 and DORA.
  • Workshop: Incident analysis and corrective actions.

Module 6. Monitoring, Measurement, and Improvement

  • KPIs/KRIs for information security.
  • Monitoring the effectiveness of controls.
  • Management review.
  • Corrective actions and continuous improvement.

Module 7. Information Security Management System Documentation

  • Required documents and records.
  • How to create policies, procedures, instructions, and records.
  • How to build evidence of compliance.
  • Sample templates and checklists.

Module 8. ISO 27001 Audit

  • Internal audit according to ISO 19011.
  • Preparing for a certification audit.
  • Common nonconformities and how to avoid them.
  • What an audit looks like, step by step.

Module 9. Hands-on Workshops

  • Risk assessment for the selected process.
  • Mapping ISO 27001 requirements to the organization’s processes.
  • Creating a Statement of Applicability (SoA).
  • Preparing an ISMS implementation plan.

Participant Feedback and Testimonials

Read the feedback from our participants, who appreciated the practical approach and expert knowledge provided during the ISO 27001 training.

The training exceeded my expectations—implementing the ISO 27001 standard is now much simpler and easier to understand.

Anna Kowalska

Information Security Manager

The professionalism and practical guidance provided by the JDA Advisory team helped us effectively prepare for the ISO 27001 audit.

Marek Nowak

Security Audit Specialist

Start your journey with ISO 27001 today.

We invite you to join our ISO 27001 training course, which will help you effectively implement an information security management system that complies with international standards. Gain practical skills and confidence by drawing on the expertise of JDA Advisory’s experts.