Expert Advice Community


Career on Information Security

Guest user Created:   Jun 06, 2017 Last commented:   Jun 06, 2017


Now, in my current role, I have taken up the assignment of ISO certification for a data center in coordination with the XXXXX team. With this assignment, my inclination has lately been toward information security rather than Service Operations and process refinement.

Expert
Rhand Leal Jun 06, 2017

I want to take up training and certification for ISO 27001, and gradually move up the ladder with CISA.
Here is the dilemma: should I opt for ISO certification at this stage or not? And what approach should I follow to attain it? What study material should I follow, do you take up training sessions, and what action plan should I follow, since after this data center project there is a high probability I would be aligned to a different project for the same role?
As of now I am finding myself in a difficult situation when making decisions, since my team would have to live with the decisions I take for a long time. I myself don't have prior experience in this domain and am finding it a bit difficult to gauge CIA parameters.
I have expertise in Service Operations, Incident, Change and Event management, and good knowledge of the server admin role and the basics of networking.

Answer: From what you described, my suggestion for your development would be first to consider obtaining knowledge of the requirements of the standard and how to conduct an implementation process. For that, you can find ISO 27001 Lead implementation courses on the market. Your previous knowledge of ITIL, server administration and networks will help, but information security covers many more issues, like human resources and legal requirements.

Second would be obtaining knowledge on audit aspects of ISO 27001, and for that you can consider either ISO 27001 Internal audit courses or ISO 27001 Lead auditor courses (for immediate or low budget you can go for internal audit courses, but since you are thinking about CISA, the lead auditor course can help you more regarding that goal).

Regarding training sessions, you can take a look at some of our online courses:
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/

These articles will provide you further explanation about courses on ISO 27001:
- Lead Auditor Course vs. Lead Implementer Course – Which one to go for? https://advisera.com/27001academy/blog/2014/06/16/lead-auditor-course-vs-lead-implementer-course-which-one-to-go-for/
- What does ISO 27001 Lead Implementer training look like? https://advisera.com/27001academy/blog/2016/11/28/what-does-iso-27001-lead-implementer-training-look-like/
- What does ISO 27001 Lead Auditor training look like? https://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
- CISA vs. ISO 27001 Lead Auditor certification https://advisera.com/27001academy/blog/2015/05/11/cisa-vs-iso-27001-lead-auditor-certification/

These materials will also help you regarding ISO 27001:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- Preparations for the ISO Implementation Project: A Plain English Guide https://advisera.com/books/preparations-for-the-iso-implementation-project-a-plain-english-guide/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
