ICSI is a UK registered company that offers specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals. It was created in response to the growing threats of cyber-crimes and the resulting demand for data security and protection.

ICSI | Certifications

Bletchley Park Science and Innovation Centre, Bletchley, Milton Keynes

tel: +44 (0) 19 08 88 04 93

Required Courses:

  1. ISO 27001 Implementation


  1. Exam Code: CIL [Hours 3, Type: Essay Type, Passing Grade 70%]




Course Outline: ISO 27001 Implementation
Certification: ICSI|CIL Certified ISO 27001 Lead Implementer

Duration:  5 Days 

Candidate Prerequisites: 
Basic familiarity with Information Security and Network / IT Security.
Basic familiarity with Project and Risk Management issues.


ISO27001 is the most widely acknowledged and globally recognized standard for implementing an Information Security Management System (ISMS) within any organization. The value of information assets and the importance of thoroughly securing them against today’s ever-increasing threats highlight the significance of developing and implementing effective and holistic security management systems. The course highlights the importance of information security and provides the necessary tools and methodologies for students to master the concepts of ISMS implementation, in line with ISO27001.


Who Should Attend:
The training course is intended for IT and security professionals without extensive background and experience in Information Security who wish to gain a thorough understanding of ISO27001 implementation, cyber threats and countermeasures, as well as to further enhance their careers through training and certification in security management. It is ideal for those endeavoring to work in positions such as Information Security Officer, Security Manager, IT Manager, IT Administrator, Security Auditor, Security Analyst, Systems Engineer, etc.


What is Included:
•    eBook
•    Exercise Manual
•    1 exam voucher - Online Exam Proctoring 
•    Certificate of Attendance (Digital)

Module 1:  Introduction to Cybersecurity and ISO27001:2013
•    What is information security - fundamental principles
•    Cybercrime and threat evolution
•    Introduction to security governance and frameworks
•    Introduction to ISO 27001

Module 2: The ISO27K Family-Definitions and Security Concepts
•    The 27k family of standards
•    Confidentiality, Integrity and Availability
•    Information security concepts and definitions
•    ISMS fundamental principles
•    Governance and policies
•    Incident management

Module 3: ISO27001 Mandatory Requirements – Context, Scope and Leadership
•    ISMS project management
•    Understanding the context and scope definition
•    Management commitment and leadership
•    ISMS policy and objectives
•    Roles and responsibilities

Module 4: Security Planning and Risk Management
•    Security threats & challenges
•    Introduction to risk management and definitions
•    Risk Assessment
•    Risk Treatment
•    The Statement of Applicability

Module 5:  ISO27001 Mandatory Requirements - Support, Operation, Monitoring and Improvement
•    ISO27001  support requirements
•    ISMS operation
•    Performance evaluation
•    ISMS internal audit
•    Management review
•    ISMS continual improvement
•    Continuous monitoring and technical security audit

Module 6: ISO27001 Annex-A Controls
•    Introduction to ISO27001 Annex-A
•    Security controls and control-types
•    Analysis of the Annex-A domains and controls

Module 7: ISO27001 Certification and Beyond
•    The ISO organizations and standards
•    The ISO27001 certification process
•    Beyond best practices
•    Data protection, privacy and related legal terms

Module 8:  ISMS Training and Awareness
•    Introduction to social engineering
•    Phishing, spear phishing, spoofing, pharming
•    Social engineering in social media
•    CESG password guidance
•    Cybersecurity realities
•    Social engineering assessments

Module 9: Cybersecurity
•    The Cybersecurity program
•    ISO27032 – Incident management
•    Common cybersecurity vulnerabilities
•    DOS attacks
•    Security Systems and devices
•    Malware and Advanced Persistent Threats
•    Mobile security
•    Conclusions and critical success factors

The CIL certification exam covers material from all 9 modules and mainly consists of essay-type questions based on one or more case studies to be provided during the test. The exam duration is three hours. Passing Grade = 70%.