Course
digicode: P1S
Information Security Fundamentals (ISMS Basics)
Course facts
- Describing the basic terms and concepts of information security
- Knowing a practical approach to assessing information security risks and the basic information security requirements in your own environment
- Knowing useful tips and tools for your own practice and how to supplement them effectively with the use of AI
1 The basics of information security
- Security objectives according to the CIA triangle
- The continuous improvement process according to PDCA
- What is an Information Security Management System (ISMS)?
- Information security standards (ISO-27001, BSI, etc.)
2 Fundamentals of information security strategy
- Definition of responsibilities
- Creation of a security policy
- Establishment of a security organization
- Implementation of a security concept according to the IT-Grundschutz standard
- Useful AI support for security documentation
3 Basis of threat analysis
- Classification of the threat situation for your own situation
- Overview of the methods used by cybercriminals
- Importance of regularly gathering information from specific sources
4 Compliance – basics of important regulatory influences
- Classification of compliance terminology
- Overview of the Swiss Data Protection Act (DSG)
- Influences of the Information Security Act (ISG)
- EU influences of the AI Act and the NIS 2 Directive
- Useful sources and templates for your own practice
5 Basis of risk management
- Purpose and significance of structured risk management within your own company
- Integration into the company's internal control system (ICS)
- Purpose of quantitative and qualitative risk analysis
6 Tools for information security management and practical measures
- Useful tools for your own practice
Component of the following courses
Would you like to familiarize yourself with the basic concepts and terminology of information security and receive practical tips? Then this course is just right for you. It is suitable both as an introduction to the subject and as a solid foundation for more advanced courses.
In this practice-oriented course, IT specialists, managers, project managers, and anyone else interested will acquire the necessary know-how to understand information security holistically and integrate it specifically into their IT projects.
There are no formal prerequisites for this course.
An RDP connection is not mandatory for this course.