ISO660

ISO 27001 Information Security Management System Training Course

Q: What will I learn in this ISO 27001 course?

This comprehensive course covers the Information Security Management System (ISMS) framework based on ISO 27001 standards. You'll learn about the legal and regulatory framework for information security, the ISO 27001 certification process including audit stages, detailed exploration of ISO 27001 clauses 4-8, risk management using ISO 27005, implementing security controls with ISO 27002, incident management based on ISO 27035, and developing performance metrics according to ISO 27004. The course also covers policy creation, third-party relationship management, and operational handling of an ISMS.

Q: What are the prerequisites for this course?

This is a beginner-level course that requires a graduate-level qualification. While no specific prior experience with ISO 27001 is required, a basic understanding of information technology concepts and business processes would be beneficial. The course is designed for entry-level professionals, engineers, mid-level managers, and senior managers who want to build foundational knowledge in information security management.

Q: How long is the course and what teaching methods are used?

The course duration is 3 days and employs a variety of interactive teaching methodologies including lectures, slide presentations, case studies, hands-on labs, group discussions, and Q&A sessions. This blended approach ensures both theoretical understanding and practical application of ISO 27001 concepts.

Q: Will I receive a certification upon completion?

This course does not provide a formal certification upon completion. However, it provides comprehensive preparation and foundational knowledge that will be valuable if you decide to pursue official ISO 27001 certifications in the future, such as ISO 27001 Lead Implementer or Lead Auditor certifications from accredited bodies.

Q: Who should attend this ISO 27001 course?

This course is ideal for entry-level professionals, engineers, mid-level managers, and senior managers who are involved in or responsible for information security within their organizations. It's particularly valuable for those who need to understand ISMS implementation, risk management, compliance requirements, or are preparing for roles in information security management.

Q: What practical skills will I gain from this course?

You'll develop practical skills in designing and implementing an Information Security Management System, conducting risk assessments using ISO 27005 methodology, creating effective information security policies, managing security incidents according to ISO 27035 guidelines, implementing security controls based on ISO 27002, managing third-party security relationships, and developing performance metrics and indicators for measuring ISMS effectiveness according to ISO 27004.

Q: How does this course cover the ISO 27001 certification process?

The course provides detailed insights into the ISO 27001 certification process, including understanding the stages of initial and full audits. You'll learn what auditors look for, how organizations prepare for certification audits, the documentation requirements, and the ongoing maintenance needed to maintain ISO 27001 certification. This knowledge is valuable whether you're implementing ISMS in your organization or preparing for audit-related roles.

Q: Where is the training conducted?

Our online trainings are conducted usually using Zoom or Google Meet. Our physical trainings are normally held in Common Ground, Bangsar South .

Q: Can international participants join this course?

Please check the Available in section to see which countries the course is available in. If your country is not listed, please contact us.

Q: What is the difference between public, corporate, and training provider pricing?

Public pricing : applies for individuals signing up from different companies. Corporate pricing : applies if a company wants to have an intake for its employees only. Training provider pricing : applies only for other training providers looking to hire our trainers and use our content. Our content has a licensing fee.

Master the essentials of Information Security Management Systems with our engaging course designed around ISO 27001 standards. Gain expertise in implementing robust security controls, managing risks effectively and ensuring continual improvement of information security practices. Enroll now to secure your knowledge in aligning with industry best practices.

Available in:
Malaysia

Face-to-Face May 25-27, 2026 9:00 AM - 5:00 PM Dr. Esther Suria Kala

Created: December 18th 2020, 11:55 AM MYT Last Modified: May 14th 2026, 6:00 AM MYT

updated

beginner

We price match

Public Pricing

MYR 5250

Corporate Pricing

Pax:

Training Fees: MYR 6500/day

Total Fees: MYR 19500 ++

Training Provider Pricing

Pax:

Training Fees: MYR 2400/day

Material Fees: MYR 400

Total Fees: MYR 7600 ++

Features

3 days

24 modules

3 intakes

English

Technical: 25 pax

Target Audience

students

engineers

managers

executives

Methodologies

lecture

slides

labs

case studies

group discussion

q&A

Subsidies

What you'll learn

Design metrics and performance indicators according to ISO 27004.
Understand the legal framework and principles of information security.
Learn about the ISO 27001 certification process including audit stages.
Explore clauses 4 to 8 of ISO 27001 in detail.
Develop competencies in risk management following ISO 27005.
Create effective information security policies and manage external relationships.
Implement information security controls based on ISO 27002 guidelines.
Cultivate skills for incident management and operational handling of an ISMS.

Recap and Q&A

15 mins

End of Day 3

Ratings and Reviews

( 3 ratings )

100%

( 3 reviews )

Instructor

Dr. Esther Suria Kala ICT & Cybersecurity Training Expert

Trainer Profile

TTT Certificate

Dr. Esther Suria Kala is a highly accomplished ICT consultant and corporate trainer with nearly 30 years of extensive experience in information technology, project management, and organizational development. As the founder of Angel Software Solutions, she has established herself as a versatile and dedicated professional who delivers cutting-edge training solutions across Malaysia and internationally.

Her academic credentials are exceptional, including a PhD in Psychology with a focus on Human Behaviour and Human Resources, an MBA in Finance, and degrees in both Computer Science and Human Resources. Currently pursuing a second PhD in IT Information Security, Dr. Esther demonstrates an unwavering commitment to continuous learning and staying at the forefront of technological advancement. Her educational foundation is complemented by an impressive array of professional certifications, including Microsoft Certified Trainer (MCT), CISSP, ITIL, SAP Certified Associate, Certified Cyber Security Professional, Data Scientist, AI Engineering, and ECBA certifications.

Dr. Esther's technical expertise spans an extensive range of domains, from traditional programming languages like Java, C++, and PHP to modern technologies including Python, AI coding, machine learning, RPA, and IR 4.0 microservices. She is proficient in database management systems including Microsoft SQL Server and Oracle, web development frameworks, and enterprise solutions like SAP Crystal Reports and SharePoint Server. Her knowledge extends to cybersecurity, ethical hacking, network administration, and data analytics, making her uniquely qualified to address both technical and strategic business challenges.

As a trainer, Dr. Esther excels in bridging the gap between technical complexity and practical application. She delivers comprehensive training programs for both IT and non-IT professionals, covering everything from software development and cloud computing to soft skills such as digital marketing, business analysis, customer service, and project management. Her ability to communicate effectively in both English and Bahasa Malaysia enables her to connect with diverse audiences across different organizational levels.

Her impressive client portfolio includes leading organizations such as Maybank, Telekom Malaysia, Malaysian Airlines, Tenaga Nasional Berhad, Bank Negara, Ministry of Education, Ministry of Finance, and numerous multinational corporations. This extensive experience across banking, telecommunications, government, aviation, and technology sectors demonstrates her adaptability and deep understanding of varied industry requirements. Recognized with the Outstanding Achievement Award in Information Technology from University Malaya in 2013, Dr. Esther continues to empower organizations through innovative training solutions that drive digital transformation and professional excellence.

225 Courses

English, Malay, Hindi, German, Tamil

30 Years

( 0 ratings )

( 0 reviews )

Course Reviews

"Thank you very much for easy explanation of new version of ISO 27001.This has given me a boot in confidence for understanding the requirement of new controls."

"Easy to understand and precise course. Explains hard to understand concepts in simple and interesting way."

"Very well designed course, made it easy to understand each control and the overall standard."

FAQ

Frequently Asked Questions About This Course

What will I learn in this ISO 27001 course?

What are the prerequisites for this course?

How long is the course and what teaching methods are used?

Will I receive a certification upon completion?

Who should attend this ISO 27001 course?

What practical skills will I gain from this course?

How does this course cover the ISO 27001 certification process?

Where is the training conducted?

Can international participants join this course?

What is the difference between public, corporate, and training provider pricing?

Do I have to pay right away?

I just enrolled in an intake. Does that mean I can attend the course on that date?

What happens if quorum for an intake is not reached?

Why should you attend?