Introduction
This course is available to be delivered in a classroom and Live-Training model.
Live Training brings you the dynamic environment of the classroom, to your desk. Using your computer, you interact with the trainer and the trainees as if you were with them in the classroom.

The Information Security 27001 Lead Implementer course is based on the ISO/IEC 27001 international standard. Supported by a real-world adapted case study, the course challenges the students on the implementation of an Information Security Management System (ISMS) based on the requirements and best practices defined by the ISO/IEC 27000 family of standards. It is supported by a BEHAVIOUR customized methodology created by experts in information security, in ISO and in other related well-known best practices in the information security and IT fields.
More than knowing the main definitions, concepts, principles and requirements, the students will learn to put into practice an Information Security Program to establish and maintain an ISMS, based on a BEHAVIOUR customized methodology, and supported by several training resources, including several approaches, templates and other tools that will be useful so students may be able to apply their knowledge in a real-world context.
The students will be challenged with a series of exercises, supported by BEHAVIOUR and in-class drafted templates, where the learned knowledge and acquired expertise will come into practice. These exercises are important to allow the implementation of the standard in an organization and include, among others, as applicable:
- understanding the organization drivers;
- establishing the information security context, including the information security issues, ISMS interested parties and scope definition;
- assessing the current and target state to draft the basis for a gap analysis;
- establishing the process and drafting a practical approach for the assessment and treatment of risks and opportunities, including information security risks;
- drafting the Statement of Applicability (SOA) and the risk treatment plan;
- establishing the information security objectives and plans for their achievement;
- identifying and creating plans, processes and procedures to support the ISMS;
- establishing the approach for performance evaluation, including the definition of measures and indicators, internal audits and management reviews;
- drafting the basis for the continual improvement process, including the procedure and template for managing findings.
The fundamental knowledge of the Information Security 27001 Foundation course is included, so it is not a prerequisite or a training path.
The training material is updated in line with the latest released editions of all the related best practices. It also considers the two ISO/IEC 27001 corrections (COR 1:2014 and COR 2:2015) that were released after the last version of ISO/IEC 27001 was published, and the last draft of the new ISO 27002.
In this course, the students will acquire the expertise to establish, implement, maintain, and continually improve an Information Security Management System (ISMS), in accordance with the requirements of the ISO/IEC 27001 International Standard.
Besides the fundamental concepts related to information security and a detailed clause-by-clause overview of the ISO/IEC 27001 standard and its controls, the course leads the students through a step-by-step BEHAVIOUR customized methodology to implement the ISO/IEC 27001 international standard and achieve the ISO/IEC 27001 certification. The ISMS implementation process covered in this course is supported by the best practices of the ISO/IEC 27000 family of standards (including ISO/IEC 27002, ISO/IEC 27003, ISO/IEC 27004, ISO/IEC 27005, and many others) and by the most recognized information security, cybersecurity, project management and IT best practices. The BEHAVIOUR customized methodology helps the students to transform the learned knowledge and expertise into real-world practice. Applying this knowledge, the students will be able to implement an Information Security Program based on ISO/IEC 27001 and successfully lead their organization, or their customers' organization, to the establishment and maintenance of an ISMS based on ISO/IEC 27001.
Based on a real-world adapted case-study organization, and supported by several approaches, templates and other tools, including discussions and practical exercises, the students will team up with their peers during this course and will be challenged to demonstrate their Lead Implementer skills to implement an ISMS for this organization. This training methodology trains and prepares students to successfully implement the ISO/IEC 27001 standard in a real-world environment.
Training Methodology
This course is based on theoretical and practical sessions supported by a real-world adapted case study.
The course includes hands-on practical and theoretical exercises to:
- better prepare the students for the real-world challenges,
- prepare for and increase the likelihood of success on the certification exam, and
- train and prepare professionals to lead the ISMS implementation and achieve ISO/IEC 27001 certification.
Audience
This course is intended for:
- Information Security and/or IT Consultants, Auditors, Managers or Risk Professionals participating in an ISMS implementation based on ISO/IEC 27001
- CISO, CIO, CSO or any Executive or Senior Manager responsible for ensuring the alignment and delivery of value using an ISMS based on ISO/IEC 27001 to maintain Information Security in their organization
- Experts responsible for the Information Security/IT Governance in the organization
- Project managers leading or preparing to lead an ISO/IEC 27001 implementation program
- Any professional, whether in IT, information security, business or any other area, involved in the establishment, implementation, operation and/or continual improvement of an Information Security Management System (ISMS) based on ISO/IEC 27001
- Anyone who wants to acquire the knowledge needed to implement an ISO/IEC 27001 ISMS
Prerequisites
Students should understand English, as the course documentation is in this language. Please consult BEHAVIOUR to verify the availability of the course in other languages.
Duration (days)
5 days
Exam
The “Certified Information Security 27001 Lead Implementer” exam covers the following competence domains:
- Domain 1: Information security fundamentals and ISO/IEC 27001 requirements
- Domain 2: Establish (Plan) an ISMS based on ISO/IEC 27001
- Domain 3: Implement and Operate (Do) an ISMS based on ISO/IEC 27001
- Domain 4: Monitor and Review (Check) an ISMS based on ISO/IEC 27001
- Domain 5: Maintain and Improve (Act) an ISMS based on ISO/IEC 27001
- Domain 6: Advance for the ISO/IEC 27001 Certification Audit
Language(s): English (please consult BEHAVIOUR for availability in additional languages).
Duration: 3 hours.
Results: “Pass or Fail” qualitative score. In the case of a failure, the result will be accompanied with the list of domains in which you had a mark lower than the passing grade.
If the candidate fails the exam, he is entitled to one free retake within a 1-year period from the initial exam date.
Passing score: 700/1000 marks
Certification
After successfully completing the certification exam, participants may apply for one of the three available credentials for this personnel certification scheme, depending on their level of experience.
- Certified Information Security 27001 Associate Implementer: no previous experience required.
- Certified Information Security 27001 Implementer: 2 years of experience in information security.
- Certified Information Security 27001 Lead Implementer: 5 years of experience in information security.
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Candidates also receive the digital badge of the certification achieved.
The “Certified Information Security 27001 Lead Implementer” personnel certification program is drafted and maintained according to the ISO/IEC 17024 standard.
Dates and Price
Click on “Price and Registration” to access more information and also the price:
Guaranteed Dates Program
(*) All dates of this course are guaranteed only for the events that take place in Lisbon. In other locations the events are subject to a minimum number of participants.
At Behaviour, all courses in Lisbon take place regardless of the number of trainees in the room. The concept of setting up classes does not exist in our educational model, which is why all public dates presented on the website are guaranteed. So if you're in Portugal or anywhere else in the world, you can prepare your week and your trip, as long as you ensure your registration in the course.
Volume Discounts
For companies, Behaviour offers discounts, starting from the registration of the 2nd participant, in the same course and on the same date.
Simulate the prices for the number of participants you want to register to
training@behaviour-group.com or contact us via chat.
Hotels and Useful Information
Find out where you can stay in Lisbon, near Behaviour.
For more information please see >> Booking <<