ISMS ISO/IEC 27001:2022 Foundation Course

Course Outline

Course Title: ISMS ISO/IEC 27001:2022 Foundation
Duration: 1 Day (6–8 hours)
Delivery Mode: Classroom / Virtual Live / Self-paced
Assessment: Multiple-Choice Questions (MCQ) or Short Quiz
Certification: Certificate of Completion by Cosmos International Training Institute (CITI)

Course Objectives

By the end of this course, participants will be able to:

  • Understand the core principles of Information Security Management Systems (ISMS)

  • Interpret the ISO/IEC 27001:2022 structure, terminology, and key concepts

  • Recognize the importance of risk-based thinking in ISMS

  • Identify basic requirements for implementing and maintaining an ISMS

  • Understand the benefits of ISO/IEC 27001 compliance and certification

Course Modules

Module 1: Introduction to Information Security

  • What is Information Security?

  • The CIA Triad: Confidentiality, Integrity, and Availability

  • Threats, vulnerabilities, and risks

  • Importance of ISMS in today’s digital environment

Module 2: Overview of ISO/IEC 27001:2022

  • Evolution and purpose of ISO/IEC 27001

  • Differences between ISO/IEC 27001:2013 and the 2022 update

  • Scope and applicability of the standard

  • Key terms and definitions

Module 3: Annex SL – Harmonized Structure

  • High-Level Structure of ISO Management System Standards

  • How Annex SL supports integration with other ISO standards (e.g., ISO 9001, 14001)

  • Overview of Clauses 4 to 10

Module 4: Clauses of ISO/IEC 27001:2022

  • Clause 4: Context of the organization

  • Clause 5: Leadership and commitment

  • Clause 6: Planning for the ISMS and information security risks

  • Clause 7: Support (resources, awareness, communication)

  • Clause 8: Operation and implementation of security controls

  • Clause 9: Monitoring, measurement, analysis, evaluation

  • Clause 10: Improvement and corrective actions

Module 5: Information Security Controls (Annex A)

  • Introduction to the 93 controls in 4 themes:

    • Organizational

    • People

    • Physical

    • Technological

  • Examples of commonly implemented controls

  • Control selection based on risk assessment

Module 6: ISMS Documentation and Implementation Essentials

  • Required documentation for compliance

  • Risk assessment and treatment overview

  • Statement of Applicability (SoA)

  • Basics of continual improvement

Assessment & Certification

  • MCQ test or short answer quiz at the end of the session

  • Certificate of Completion issued by Cosmos International Training Institute (CITI)

 

Target Audience

  • IT professionals and system administrators

  • New entrants into information security or cybersecurity roles

  • Internal auditors and compliance officers

  • Anyone interested in understanding ISO/IEC 27001:2022 fundamentals

  • Professionals preparing for advanced ISMS or Lead Auditor training
