Expert Advice Community


Identifying the required skills for ISMS

Guest user. Created: Nov 18, 2020. Last commented: Nov 18, 2020.


I am interested in Clause 7 and in identifying the required skills for ISMS. What documents can I refer to for that?


Expert
Rhand Leal Nov 18, 2020

Most of the required skills for an ISMS will depend on the ISMS scope. For example, most of the ISMS competencies when the scope covers financial data and processes will be different from those when the scope covers data center operations.

Some common competencies regardless of the scope are:
- Standard: knowledge of ISO 27001 standard
- Compliance: to identify interested parties and their requirements
- Audit: to manage audit programs, identify nonconformities, and perform follow-up
- Documentation: for the development of policies and procedures
- Risk Management: to teach and guide employees during the risk assessment and risk treatment process
- Human resources management: to provide awareness and training activities
- Project management: for the implementation of the standard

These articles will provide you with further explanation about competencies:
- What to look for when hiring a security professional https://advisera.com/27001academy/blog/2016/02/15/what-to-look-for-when-hiring-a-security-professional/
- How personal certificates can help your company’s ISMS https://advisera.com/27001academy/blog/2014/10/06/how-personal-certificates-can-help-companys-isms/
- Who should be your project manager for ISO 27001/ISO 22301? https://advisera.com/27001academy/blog/2014/12/01/who-should-be-your-project-manager-for-iso-27001-iso-22301/

These materials can also help:
- Free online training ISO 27001 Foundations Course http://training.advisera.com/course/iso-27001-foundations-course/
- Free Security Awareness Training: https://training.advisera.com/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.
- Free online training ISO 27001:2013 Internal Auditor Course https://training.advisera.com/course/iso-27001-internal-auditor-course/
- Free online training ISO 27001 Lead Auditor Course https://training.advisera.com/course/iso-27001-lead-auditor-course/
- Free online training ISO 27001:2013 Lead Implementer Course https://training.advisera.com/course/iso-27001-lead-implementer-course/
