Course Highlights
  • Define and establish information security controls
  • Implement information security management in an organization
  • Develop specific controls for different areas and domains
  • Ensure compliance with ISO/IEC 27001
  • Required policies and procedures for an ISMS
Curriculum

5 Topics
  • Introduction
  • Information security, cybersecurity and privacy
  • The ISO/IEC 27000 series of standards
  • An ISMS according to ISO/IEC 27001
  • About ISO/IEC 27002

39 Topics
  • Policies for information security
  • Information security roles and responsibilities
  • Segregation of duties
  • Management responsibilities
  • Contact with authorities
  • Contact with special interest groups
  • Threat intelligence
  • Information security in project management
  • Inventory of information and other associated assets
  • Acceptable use of information and other associated assets
  • Return of assets
  • Classification of information
  • Labelling of information
  • Information transfer
  • Access control
  • Identity management
  • Authentication information
  • Access rights
  • Information security in supplier relationships
  • Addressing information security within supplier agreements
  • Managing information security in the ICT supply chain
  • Monitoring, review and change management of supplier services
  • Information security for use of cloud services
  • Information security incident management planning and preparation
  • Assessment and decision on information security events
  • Response to information security incidents
  • Learning from information security incidents
  • Collection of evidence
  • Information security during disruption
  • ICT readiness for business continuity
  • Legal, statutory, regulatory and contractual requirements
  • Intellectual property rights
  • Protection of records
  • Privacy and protection of PII
  • Independent review of information security
  • Conformance with policies, rules and standards for information security
  • Documented operating procedures
  • Recapitulation: organizational controls
  • Organizational controls

10 Topics
  • Screening
  • Terms and conditions of employment
  • Information security awareness, education and training
  • Disciplinary process
  • Responsibilities after termination or change of employment
  • Confidentiality or non-disclosure agreements
  • Remote working
  • Information security event reporting
  • Recapitulation: people controls
  • People controls

16 Topics
  • Physical security perimeters
  • Physical entry
  • Securing offices, rooms and facilities
  • Physical security monitoring
  • Protecting against physical and environmental threats
  • Working in secure areas
  • Clear desk and clear screen
  • Equipment siting and protection
  • Security of assets off-premises
  • Storage media
  • Supporting utilities
  • Cabling security
  • Equipment maintenance
  • Secure disposal or re-use of equipment
  • Recapitulation: physical controls
  • Physical controls

36 Topics
  • User endpoint devices
  • Privileged access rights
  • Information access restriction
  • Access to source code
  • Secure authentication
  • Capacity management
  • Protection against malware
  • Management of technical vulnerabilities
  • Configuration management
  • Information deletion
  • Data masking
  • Data leakage prevention
  • Information backup
  • Redundancy of information processing facilities
  • Logging
  • Monitoring activities
  • Clock synchronization
  • Use of privileged utility programs
  • Installation of software on operational systems
  • Networks security
  • Security of network services
  • Segregation of networks
  • Web filtering
  • Use of cryptography
  • Secure development life cycle
  • Application security requirements
  • Secure system architecture and engineering principles
  • Secure coding
  • Security testing in development and acceptance
  • Outsourced development
  • Separation of development, test and production environments
  • Change management
  • Test information
  • Protection of information systems during audit testing
  • Recapitulation: technological controls
  • Technological controls

2 Topics
  • The certification to ISO/IEC 27001 and ISO/IEC 27002
  • Thank you and goodbye!

ISO/IEC 27002:2022. Information security controls