Competency

Implementing Information Security Management Systems II

This competency focuses on applying key ISO/IEC 27001 Annex A controls, including privileged access, authentication, malware protection, configuration management, data handling, and logging. It provides practical guidance on implementing these controls to strengthen and maintain an effective ISMS.

4 Trainers

Course Overview

Explore the practical implementation of ISO/IEC 27001 Annex A controls that form the backbone of an effective Information Security Management System. This competency breaks down essential security measures—such as access control, secure authentication, configuration and change management, malware defense, data management, and activity logging—into clear, actionable guidance. Each module demonstrates how these controls mitigate risk, enhance security posture, and support compliance with ISO/IEC 27001 requirements in real-world environments.

About

What You'll Learn:

  • How to implement ISO/IEC 27001 Annex A controls related to privileged access and authentication

  • Techniques for securing system configurations and managing configuration changes

  • How to establish effective malware protection and endpoint security practices

  • Methods for managing data securely, including classification, handling, and retention

  • How to implement logging, monitoring, and event analysis to detect suspicious activity

  • Approaches for securing user access, including provisioning, review, and enforcement

  • How to assess, implement, and improve ISMS controls across operational environments

  • Practical steps for implementing controls 8.2 through 8.17 in real-world organizations

Who Should Take This Course?

  • Information security professionals implementing ISO/IEC 27001 controls

  • ISMS managers and coordinators responsible for Annex A implementation

  • IT, cybersecurity, and risk management teams supporting ISO compliance

  • System administrators responsible for access control, configuration, and logging

  • Security analysts working on monitoring, detection, and incident prevention

  • Organizations preparing for ISO/IEC 27001 certification or surveillance audits

  • Anyone designing, implementing, or maintaining ISMS technical controls

What You'll Get:

  • A structured understanding of how to implement ISO/IEC 27001 Annex A controls (8.2–8.17)

  • Practical guidance for applying ISMS controls in real operational environments

  • Improved ability to secure access, configurations, data, and logging processes

  • Techniques for strengthening monitoring, detection, and malware protection

  • Confidence in applying ISMS controls required for ISO/IEC 27001 certification

  • Practice quizzes and modules to reinforce your understanding of each control

Module 1

Implementing ISO/IEC 27001, Annex A Controls 8.2 to 8.5

  • Implementing Control 8.2

  • Implementing Control 8.3

  • Implementing Control 8.4

  • Implementing Control 8.5

Module 2

Implementing ISO/IEC 27001, Annex A Controls 8.6 to 8.9

  • Implementing Control 8.6

  • Implementing Control 8.7

  • Implementing Control 8.8

  • Implementing Control 8.9

Module 3

Implementing ISO/IEC 27001, Annex A Controls 8.10 to 8.12

  • Implementing Control 8.10

  • Implementing Control 8.11

  • Implementing Control 8.12 (Part I)

  • Implementing Control 8.12 (Part II)

Module 4

Implementing ISO/IEC 27001, Annex A Controls 8.13 to 8.17

  • Implementing Control 8.13

  • Implementing Control 8.14

  • Implementing Control 8.15

  • Implementing Controls 8.16 and 8.17

Specialization · 4 modules

4 Modules

100% Positive Reviews (36 reviews)

102 Lessons (4h 0m)

831 Students

Languages Available: Spanish, English, German, French

Exam

Certificate upon completion of the course

Tags

ISO/IEC 27001 Annex A

Access Control Management

Configuration & Change Management

Malware & Endpoint Protection

Logging & Monitoring

Information Security Implementation

About the Trainer

Graeme Parker

Cybersecurity and Information Security Expert

Graeme Parker is an experienced security and risk management professional with a strong background in both private and public sectors. He specializes in implementing information risk solutions, designing security architectures, and building compliance programs aligned with standards such as ISO/IEC 27001, PCI-DSS, and HMG Accreditation.

Graeme has worked across financial services, government, manufacturing, healthcare, and retail, leading risk assessments, security initiatives, and due-diligence activities for complex projects. As a certified PECB trainer, he delivers global courses on ISO/IEC 27001, ISO 22301, ISO/IEC 42001, and exam preparation for CISSP, CISM, and CISA.

With international experience in the UK, USA, Canada, Sweden, Ireland, and Germany, Graeme brings practical insight and proven expertise in strengthening organizational security and compliance.


© PECB Skills 2025. All rights reserved.
