Data Security Officer ISO 27001:2017

The 'Data Security Officer ISO 27001:2017' training is a comprehensive review of the requirements of the ISO 27001:2017 standard and the ISO 27002:2017 guidelines regarding data and information security. Participants will gain deep knowledge of risk management, asset protection, access control, cryptography, as well as incident management and business continuity. The course also covers key aspects of the Data Security Officer role, including auditing data security systems. Participation in the training will enable the effective implementation and maintenance of ISO 27001:2017 standards, which will contribute to effective data protection and compliance with legal regulations.

1. Overview of ISO 27001:2017 requirements:

• organizational context,
• leadership,
• assessment of risks and opportunities, support – resources,
• competences, awareness,
• communication and documentation,
• working with data,
• effectiveness assessment, improvement.

2. ISO 27002:2017 guidelines as a list of good practices in the field of data and information security:

• asset inventory,
• asset risk analysis,
• handling media,
• access control, cryptography,
• physical security,
• safe operation, including backups,
• communication security,
• acquisition, development and maintenance of systems,
• cooperation with suppliers,
• managing data and information security incidents,
• business continuity management,
• compliance with legal regulations.

3. Role, tasks and powers of the Data Security Officer;

• auditing data and information security systems.