1. An Introduction to ISO27K1
Presented by Mouhammad Esayed
Mouhammad Esayed 5/30/2020
2. What is ISO 27001?
• ISO 27001 is a framework that provides a model for establishing,
implementing, operating, monitoring, reviewing,
maintaining and improving an information security management system (ISMS).
• The 27001 standard does not mandate specific information security controls, but it
provides a checklist of controls that should be considered in the accompanying code
of practice, ISO/IEC 27002.
3. Some members of the 27000 family
• 27003 – Implementation guidance.
• 27004 – An information security management measurement standard suggesting
metrics to help improve the effectiveness of an ISMS.
• 27005 – An information security risk management standard. (Published in 2008)
• 27006 – A guide to the certification or registration process for accredited ISMS
certification or registration bodies.
• 27007 – ISMS auditing guideline.
4. What are the benefits of ISO 27001 certification?
• The main gain of ISO27001 is to minimize IT risks, possible damage and
consequential cost
• Lower cost
• Systematic detection of vulnerabilities
• Fulfilment of internationally recognized requirements
• A structured method to address compliance requirements
• Increase in trust with respect to partners, customers and the public
• Competitive edge due to recognized standard
• Confidentiality of information
• Reduce the chances of security breaches within your IT environment
• Control of IT risks
8. How to be certified as ISO27001 LI/LA?
• To obtain the ISO27001 Lead Implementer certificate, you have to pass the
exam from an exam provider such as PECB; it is a three-hour essay exam.
• Then you have to submit the evidence about your experience.
• Check this link for more information:
https://pecb.com/pdf/brochures/4/iso-iec-27001-lead-implementer_4p.pdf