ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
• Introduction
• ISO/IEC 27001 & 27701- quick recap (prev. sessions)
• Introduction to NIST
• NIST SP800-53 Walk-through
• Comparing ISMS, PIMS & NIST
• What about certification?
• Q & A
Agenda
Introduction
Before we start…
Previous session recap
1. Quick Guide to ISO/IEC 27701 - The Newest Privacy Information Standard (2019-12-09)
2. ISO/IEC 27701 vs GDPR - What you need to know (2020-01-29)
3. Privacy Trends: Key practical steps on ISO/IEC 27701:2019 implementation (2020-04-15)
4. Key Data Privacy Roles Explained: Data Protection Officer, Information Security Manager, and Information Security Auditor (2020-06-24)
• Check the past webinars on the PECB website at
• https://pecb.com/past-webinars
Find all sessions with Q&A + collaterals (decks, recording) at:
http://ffwd2.me/PECB_ISO27001_webinars (shortcut to LinkedIn page)
Previous sessions
• Best practices ≠ regulations
• ISO Requirements (ref. audit) vs guidelines
• Privacy ≠ Data Protection
• Data protection ≠ Information Security
• PII vs Personal Data
• International vs. Regional
Quick Recap
• ISO27001 = ISMS
• ISO27701 = PIMS
Quick Recap
ISO or NIST deep dive
• Course material reference see later
• NIST document reference see later
The nuts and bolts of ISMS
Just know that it has
• 10 chapters, 7 clauses (Clause 4..10, built on PDCA)
• Annex with
• 14 main categories (A5..A18)
• 35 subcategories
• 114 controls / measures
• Course material reference, see later
What this session is not about
ISO/IEC 27000 series
• ISO27001 and ISO27701 = certifiable
• Total 59 documents
ISO27000 series including
• Codes of practice
• Guidance
• Auditing (ISO27006)
• Incident management (ISO27035)
• Cybersecurity (ISO27032)
• Business continuity, Communications security, Application Security, Supply Chain, Storage, …
• More info: https://www.iso.org/committee/45306/x/catalogue/p/1/u/0/w/0/d/0
And also
The nuts and bolts of PIMS
Just know that it
• Is certifiable like ISMS
• Is Privacy & GDPR add-on to ISMS
• Adds specifications to interpretation of information security
• Now including PII/personal data
• Extra requirements from GDPR & other legislation
• Interesting annex
• GDPR mapping
• ISO29100 (Privacy) mapping
What this session is not about
Introduction to NIST
National Institute of Standards and Technology
(US Dept of Commerce)
Source: https://www.nist.gov/about-nist/our-organization/mission-vision-values
About
• Founded in 1901
• Now part of US Department of Commerce
Mission
“To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”
Core competencies
• Measurement science
• Rigorous traceability
• Development and use of standards
NIST
Publications (dd 2020-10-13)
Source: https://www.nist.gov/publications
NIST
This session focus
• NIST Special publications (SP)
• https://csrc.nist.gov/publications/sp
• Computer security (SP800)
• https://csrc.nist.gov/publications/sp800
• 188 docs
Also check (not covered today)
• SP1800 (Cybersecurity practice guides)
• https://csrc.nist.gov/publications/sp1800
• Not covered in detail today
• 25 documents
NIST – Privacy, Cyber & Information security
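ISO27001 vs. NIST SP800-53
• Management clauses: ISO27001 = 7; NIST SP800-53 = Incl.
• Control categories: ISO27001 = 15; NIST SP800-53 = 20
• Subcategories: ISO27001 = 35; NIST SP800-53 = 321
• Total controls: ISO27001 = 114; NIST SP800-53 = 1189
• Pages: ISO27001 = 23+80; NIST SP800-53 = 464
• Additional documents: ISO27x standards = 59; NIST SP800 series = 188
• NIST SP1800 (Cyber): 25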
NIST – SP800 level of detail
SP800 Series
• 800-53 rev 5 (dd 2020-09-23, fresh !)
• Security and Privacy Controls for Information Systems and Organizations
• (FYI, 464 pages)
But also
• 800-12: Intro to Information Security
• 800-39: Information Security Risk
• 800-55: Performance management,
And
• Patch management, Firewalls, electronic mail, TLS, PKI, Bluetooth, …
NIST – SP800
NIST SP800-53 Walk-through
Security and Privacy Controls for
Information Systems and Organizations
Info
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
Downloads
• SP 800-53 Rev. 5 (DOI)
• Local Download
Supplements
• Spreadsheet of 800-53 Rev. 5 Controls (xls)
• SP 800-53 Collaboration Index Template (xls)
• SP 800-53 Collaboration Index Template (word)
NIST SP800-53 rev.5
Abstract
• Catalog of security and privacy controls
• For information systems and organizations
• To protect organizational operations and assets, individuals, other organizations
• Against a diverse set of threats and risks,
• including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks.
• Controls are flexible and customizable
• Implemented as part of an organization-wide process to manage risk
• Derived from mission and business needs, regulations, legal requirements …
• Functionality (effectiveness) and assurance perspective (trust)
NIST SP800-53 rev.5
Add-ons
• [SP 800-30] provides guidance on the risk assessment process.
• [IR 8062] introduces privacy risk concepts.
• [SP 800-39] provides guidance on risk management processes and strategies.
• [SP 800-37] provides a comprehensive risk management process.
• [SP 800-53A] provides guidance on assessing the effectiveness of controls.
• [SP 800-53B] provides guidance for tailoring security and privacy control
baselines and for developing overlays to support the specific protection needs
and requirements of stakeholders and their organizations.
NIST SP800-53 rev.5
Setup
• Chapter 1: Introduction (p1..6)
• Chapter 2: the fundamentals (p7..14)
• Chapter 3: The controls (p16..363)
• Reference
• Appendixes
• Glossary
• Acronyms
• Control summaries (p.427..464) (!)
NIST SP800-53 rev.5
Chapter 1 (quick check)
• The need to protect information, systems, organization & individuals
• Purpose & applicability
• Audience
• Organization responsibilities
• Relation to other publications
• Revision & extensions
• Rev 5 (2020) vs Rev 4 (2016)
NIST SP800-53 rev.5
Chapter 2
• Fundamental concepts
• Associated with security and privacy
• Controls, including
• The structure of the controls,
• How the controls are organized in the consolidated catalog,
• Control implementation approaches,
• The relationship between
• Security and privacy controls, and
• Trustworthiness and assurance
NIST SP800-53 rev.5
Chapter 3 (full catalog)
• Consolidated catalog of security and privacy controls
• Incl. discussion section to explain the purpose of each control and
• Provide useful information regarding
• control implementation and
• assessment,
• A list of related controls to show
• The relationships and dependencies among controls, and
• A list of references to supporting
• Publications that may be helpful to organizations
NIST SP800-53 rev.5
Control Structure
NIST SP800-53 rev.5
Detail provided on every security control/measure
• Control identifier
• Control name
• Base control
• Security measure definition
• Organization tasks (org defined parameter)
• Control enhancement
• Additional sources
• Links to other controls
NIST SP800-53 rev.5
Detail provided on every security control/measure
NIST SP800-53 rev.5
Control implementation & classification
• Implementation approaches
• Common implementation (applies to multiple systems)
• System Specific
• Hybrid (mix of both)
• Security vs Privacy
• Trustworthiness
• Important part of risk management strategy
• Impact on trustworthiness
• Functionality (effectiveness of security)
• Assurance (measure of confidence)
NIST SP800-53 rev.5
Control Structure - Focus
NIST SP800-53 rev.5
Comparing ISMS, PIMS & NIST
How do they map (or not)?
The essentials
• ISMS
• high level approach
• Part 1 = clauses (Management responsibilities)
• Part 2 = operational security measures (ref ISO27002)
• ISO27002
• Advisory & suggestions on ISMS (& PIMS)
• PIMS
• Turns “information security”
• Into “information security & data protection (PII)”
• Add-on to ISO27001, ISO27002 & ISO29100
• NIST
• Highly detailed on all categories
ISMS, PIMS & NIST
Attention points
• ISMS
• No practical advice or implementation guidance
• Lots of freedom & choice
• 114 control points / measures
• You can plug in any technical / implementation framework to achieve
ISO27001
• International level
• NIST
• US level
• Extremely detailed, very extended
• Well organized, super practical guidance & reference
ISMS, PIMS & NIST
And also
• ISO
• Limited set of Publicly Available Standards: http://ffwd2.me/FreeISO
• Subscription/License model
• NIST
• Free
ISMS, PIMS & NIST
What about certification?
ISO vs NIST
Context
Certification
Certification ISO international
ISO27001, ISO27701 (and also ISO9001, …)
GDPR, NIS, Cyber Act & requirements by other
international legislation or sectors
ISO27001
• International,
• Standardized
• Mutual recognition
• Linked to other standards & process references (like ISO9001)
• PDCA cycle
Why is this important?
NIST
• NIST does not offer certification and accreditation methods to
certify information security management systems
• No equivalent process to ISO
Certification
NIST Alternatives
• assessment and authorization (A&A) process that is part of the NIST
Risk Management Framework (RMF)
• As part of control assessment, the organization selects the appropriate
assessor or assessment team
• Fully described in NIST SP800-37, Rev.2
[https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/final].
• Guidance for assessing
• Controls: NIST SP 800-53A,
• Risk: NIST SP 800-30
• Infosec Continuous monitoring: NIST SP 800-137A
Certification
Ramping up…
Relevant PECB Training courses
Relevant Training
PIMS
• PECB ISO 27701 Foundation
• PECB ISO 27701 LI
• PECB ISO 27701 LA
Information Security
• PECB ISO 27001 LI
• PECB ISO 27001 LA
• PECB ISO 27002 LM
Relevant Training
Data protection
• PECB Certified Data Protection Officer (GDPR)
Privacy
• PECB ISO29100 LI
Other Relevant Training
Incident Management
• PECB ISO 27035 LI
Risk Management
• PECB ISO 27005 LI
Check the PECB agenda, select the ISO/IEC 27701 Lead
Implementer
https://pecb.com/en/partnerEvent/event_schedule_list
Training Events
For full detailed information about an event click on the ‘View’ button on the right hand
side under ‘View full details’.
Note: Before applying for any training courses listed below, please make sure you are
registered to PECB
Training Agenda
Q&A
Appendix
Relevant Training
PECB ISO 27701 Foundation
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701/iso-iec-27701-foundation
PECB ISO 27701 Lead Implementer
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701/iso-iec-27701-lead-implementer
PECB ISO 27701 Lead Auditor
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701/iso-iec-27701-lead-auditor
Relevant Training
PECB ISO 27001
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
Lead Implementer
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001/iso-iec-27001-lead-implementer
Lead Auditor
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001/iso-iec-27001-lead-auditor
Relevant Training
PECB ISO 27002
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27002
Lead Manager
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27002/iso-iec-27002-lead-manager
Relevant Training
PECB GDPR
https://pecb.com/en/education-and-certification-for-individuals/gdpr
CDPO
https://pecb.com/en/education-and-certification-for-individuals/gdpr/certified-data-protection-officer
Relevant Training
PECB ISO29100
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-29100-privacy-implementer
Lead Implementer
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-29100-privacy-implementer/iso-29100-lead-privacy-implementer
Relevant Training
PECB ISO27035 - Incident Management
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27035
Lead Incident Manager
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27035/iso-iec-27035-lead-incident-manager
Relevant Training
PECB ISO27005 - Risk Management
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005
Lead Risk Manager
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005/iso-27005-lead-risk-manager
ISO/IEC 27701
Training Courses
• ISO/IEC 27701 Foundation
2 Day Course
• ISO/IEC 27701 Lead Implementer
5 Day Course
Exam and certification fees are included in the training price.
https://pecb.com/en/education-and-certification-for-individuals/iso-27701
www.pecb.com/events
THANK YOU
info@cyberminute.com CyberMinute
hello@shiftleftsecurity.eu Shift Left Security


Editor's Notes

  • Slides 1-10: Peter (slide 5: https://www.linkedin.com/pulse/pecb-webinar-collaterals-iso27001iso27701-series-peter-geelen-/)
  • Slides 11-27: Erwin
  • Slides 28-57: Peter
  • Slide 58: Lead Auditor for ISO27001 ISO27701 (to be launched)