Mastering the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001, IT advisory Armenia, IT audit Armenia, Cybersecurity Armenia

Skip to content
Skip to navigation
Skip to cookie banner

Global site
Africa
Americas
Asia Pacific
Europe
Middle East

Services

Forensic advisory

Through our business risk and business consulting services, we help dynamic organizations manage the operational challenges, risks and opportunities of a...

See Overview

Business consulting
Our business consulting services can help you improve your operational performance and productivity, adding value throughout your growth life cycle.
Business risk services
We can help you identify, understand and manage potential risks to safeguard your business and comply with regulatory requirements.
Data analytics center
Unlock the power of data with our expert Data Analytics team. We are a dedicated group of professionals who are passionate about harnessing the potential of data to drive informed decision-making and business growth. With our extensive knowledge and cutting-edge tools, we provide comprehensive data analysis solutions tailored to meet your specific needs.
Asset management
Grant Thornton’s profound experience and deep knowledge of asset management (AM) systems and registers development is based on successful implementation of large scale and complex projects in CIS region and beyond its borders.
Human capital advisory
Grant Thornton Armenia's human capital advisory services are designed to deliver the results you want throughout the entire lifecycle.
Sustainability and ESG advisory
Embark on a transformative journey with our comprehensive Sustainability and ESG services, designed to support your organization's sustainability transition and drive a meaningful impact.

Transactional advisory

We have necessary expertise to provide integrated solutions at every stage of a transaction through assessment of every single investment opportunity, as well...

See Overview

Recovery & reorganisation
We provide a wide range of services to recovery and reorganisation professionals, companies and their stakeholders.
Transactional advisory services
We can support you throughout the transaction process – helping achieve the best possible outcome at the point of the transaction and in the longer term.

Cyber advisory

We help our clients prepare themselves for cybersecurity threats, ensure ongoing protection, react effectively to attacks and drive change to improve their...

See Overview

Cybersecurity
Grant Thornton will assist you with raising the level of your protection, offering services in the area of cybersecurity.

Forensic advisory

At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.

See Overview

Assurance

We approach each audit with sharp thought, straight talk and common sense. In addition to verifying that financial results are fairly presented and meet...

See Overview

IFRS
At Grant Thornton, our IFRS advisers can help you navigate the complexity of financial reporting.
Audit quality monitoring
Having a robust process of quality control is one of the most effective ways to guarantee we deliver high-quality services to our clients.
Global audit technology
We apply our global audit methodology through an integrated set of software tools known as the Voyager suite.

Related insights:

Publication Identifying a business combination within the scope of IFRS 3

Mergers and acquisitions are becoming more and more common as entities aim to achieve their growth objectives. IFRS 3 ‘Business Combinations’ contains the requirements for these transactions, which are challenging in practice.

30 Mar 2021

Legal & tax advisory

Grant Thornton Legal and Tax LLC, a subsidiary of Grant Thornton Armenia, is a multi-professional group of lawyers, tax advisors and accountants. Law firm...

See Overview

Legal advisory
Legal advisory involves a wide spectrum of corporate legal consultancy ranging from incorporation and liquidation matters, legal representation, litigation, ad-hoc legal advice, provision of legal opinions to execution of due diligence and structuring deals from a legal viewpoint.
Business process solutions
Our business process solutions team provides a range of services to support clients of all sizes, from small to medium enterprises (SMEs) through to the largest international businesses.
Tax advisory
We advise our clients on all aspects of corporate tax strategy development and tax planning, tax issues arising from formation or acquisition of a company and provide an overview of local and international perspectives.

Industries

Energy & natural resources

Energy & resources

See Overview

Energy & environment
Energy and resources markets worldwide are undergoing major changes. With growing energy demand, developments in new forms of energy and the need to invest in a sustainable future, significant shifts in these sectors are taking place all over the world. At Grant Thornton, we can help you prepare for these changes and stay one step ahead of your competitors.
Oil & gas
Oil & gas
Mining
Rising operating costs, challenging capital markets and falling commodity prices are putting miners to the test worldwide, but dynamic companies can still thrive. At Grant Thornton, we can help you make the most of these opportunities and unlock your potential for growth.

Financial services

Optimism is slowly returning to the global economy, but the financial services industry needs to regain the trust of public and private bodies. To succeed,...

See Overview

Private equity
We bring together international teams from corporate finance, restructuring and turnaround, taxation and assurance services that provide bespoke solutions – from investment, through the growth phase to exit.
Asset management
Grant Thornton’s profound experience and deep knowledge of asset management (AM) systems and registers development is based on successful implementation of large scale and complex projects in CIS region and beyond its borders.

Related insights:

Industry analysis Banking sector analysis

Grant Thornton's recent analysis of the banking sector in Armenia, is mainly based on the review of historical data.

14 Mar 2023

Travel, tourism & leisure

Dynamic businesses need to move with speed and purpose if they want to capitalise on opportunities in travel, tourism & leisure. At Grant Thornton, we know...

See Overview

Not for profit

Across the globe, not for profit organisations are increasingly expected to deliver more, while at the same time facing cuts in government funding and...

See Overview

Public sector

We work with all types of agencies, including central and state government, local government, donors (including bilateral and multilateral international...

See Overview

Real estate & construction

While the impact of the prolonged downturn continues to be felt, pockets of opportunity and optimism have emerged within the retail estate and construction...

See Overview

Technology

Rapid change and complexity are norms, and innovation the fuel in the technology industry. Today’s revolutions – including cloud, as-a-service, social media...

See Overview

Mastering Risk Assessment and Optimal Risk Management based on ISO 31000 and ISO/IEC 31010

This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who should attend?

Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS)
ISO/IEC 27001 auditors who wish to fully understand the Information Security Management System implementation process
CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
Members of an information security team
Expert advisors in information technology
Technical experts wanting to prepare for an information security function or for an ISMS project management function

Learning objectives

To understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001
To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System
To understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
To acquire the necessary expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
To acquire the necessary expertise to manage a team implementing ISO/IEC 27001
To develop the knowledge and skills required to advise organizations on best practices in the management of information security
To improve the capacity for analysis and decision making in the context of information security management

Course Agenda

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001; Initiating an ISMS

Introduction to management systems and the process approach
Presentation of the standards ISO/IEC 27001, ISO 27002 and ISO 27003 and regulatory framework
Fundamental principles of Information Security
Preliminary analysis and establishment of the level of the maturity level of an existing information security management system based on ISO 21827
Writing a business case and a project plan for the implementation of an ISMS

Day 2: Planning the implementation of ISMS based on ISO/IEC 27001

Defining the scope of an ISMS
Development of an ISMS and information security policies
Selection of the approach and methodology for risk assessment
Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO/IEC 27005
Drafting the Statement of Applicability

Day 3: Implementing ISMS based on ISO/IEC 27001

Implementation of a document management framework
Design of controls and writing procedures
Implementation of controls
Development of a training & awareness program and communicating about the information security
Incident management (based on guidance from ISO 27035)
Operations management of an ISMS

Day 4: Controlling, monitoring, measuring and improving an ISMS; certification audit of the ISMS

Controlling and Monitoring the ISMS
Development of metrics, performance indicators and dashboards in accordance with ISO 27004
ISO/IEC 27001 internal Audit
Management review of an ISMS
Implementation of a continual improvement program
Preparing for an ISO/IEC 27001 certification audit

Day 5: Certification Exam

Prerequisites

ISO/IEC 27001 Foundation Certification or a basic knowledge of ISO/IEC 27001 is recommended.

Educational approach

This training is based on both theory and practice:
Sessions of lectures illustrated with examples based on real cases
Practical exercises based on a full case study including role playings and oral presentations
Review exercises to assist the exam preparation
Practice test similar to the certification exam

Examination and Certification

The “PECB Certified ISO/IEC 27001 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
Domain 1: Fundamental principles and concepts of information security
Domain 2: Information security control best practice based on ISO 27002
Domain 3: Planning an ISMS based on ISO/IEC 27001
Domain 4: Implementing an ISMS based on ISO/IEC 27001
Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC 27001
Domain 6: Continual improvement of an ISMS based on ISO/IEC 27001
Domain 7: Preparing for an ISMS certification audit

The “PECB Certified ISO/IEC 27001 Lead Implementer” exam is available in different languages (the complete list of languages can be found in the examination application form)

Duration: 3 hours

For more information, refer to the section on ISO/IEC 27001 Lead Implementer Exam

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Provisional Implementer, PECB Certified ISO/IEC 27001 Implementer or PECB Certified ISO/IEC 27001 Lead Implementer, depending on their level of experience.

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential

For more information, refer to the section on ISO/IEC 27001 Lead Implementer Certification

General Information

Certification fees are included in the exam price
A student manual containing over 450 pages of information and practical examples will be distributed to participants
A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions

For more, please visit https://www.pecb.com/iso-iec-27001-lead-implementer

Mastering the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001

Mastering Risk Assessment and Optimal Risk Management based on ISO 31000 and ISO/IEC 31010

CONNECT

ABOUT

LEGAL