The ISO27000 Family - Security Management | Coursera

Pour l'entreprisePour les étudiants

Parcourir
Meilleurs cours
Connexion
Inscrivez-vous gratuitement

The ISO27000 Family

Loading...

Information Security: Context and Introduction

Université de Londres

4.6 (1,512 évaluations) | 48 000 étudiants inscrits

S'inscrire gratuitement

In this course you will explore information security through some introductory material and gain an appreciation of the scope and context around the subject. This includes a brief introduction to cryptography, security management and network and computer security that allows you to begin the journey into the study of information security and develop your appreciation of some key information security concepts. The course concludes with a discussion around a simple model of the information security industry and explores skills, knowledge and roles so that you can determine and analyse potential career opportunities in this developing profession and consider how you may need to develop personally to attain your career goals. After completing the course you will have gained an awareness of key information security principles regarding information, confidentiality, integrity and availability. You will be able to explain some of the key aspects of information risk and security management, in addition, summarise some of the key aspects in computer and network security, including some appreciation of threats, attacks, exploits and vulnerabilities. You will also gain an awareness of some of the skills, knowledge and roles/careers opportunities within the information security industry.

Visualiser le programme de cours

Compétences que vous apprendrez

Cybersecurity, Cryptography, Information Security (INFOSEC), Security Management

Avis

4.6 (1,512 évaluations)

5 stars
72.02%
4 stars
22.42%
3 stars
4.56%
2 stars
0.59%
1 star
0.39%

JN

27 mai 2018

This has been very informative. I am in the IT industry and this has served as a good reminder and has helped me understand some rationales behind some of the things I do on a daily basis.

PB

5 nov. 2020

Coursera is very good and dynamic online study programme. Learn about advance security features, leadership and management and gin knowledge about to secure the information from malware.

À partir de la leçon

Security Management

The ISO27000 Family4:19

Security Policies2:45

Security Controls3:01

Enseigné par

Professor Peter Komisarczuk
Programme Director
Professor Keith M. Martin
Professor of Information Security
Dr Jorge Blasco Alis
Lecturer in Information Security

Essayer le cours pour Gratuit USD

Transcription

[MUSIC] The ISO.IEC 27000 series of standards is a series of information on Security Management Standards, jointly published by ISO and the IEC. ISO is the International Organization for Standardization, while IEC refers to the International Electrotechnical Commission. These standards dominate how information security management is done today. The series provides definitions of basic terminology. Descriptions on how to establish and operate an information security management system. Guidance on security controls and guidance on risk assessment and security audit. The ISO 27000 series also includes a range of cyber specific supplements that can be used to adapt security processes to specific sectors like cloud services or telecoms. The 27000 is constructed in five categories. The first category includes The 27000 standard. And it's basically terminology and definitions. The second category covers requirement standards and includes 27001, 27006 and 27009. The ISO 27001 sets down the requirements for an implementation of an information security management system. These requirements allow organizations to claim compliance against ISO 27001. As a result, this is the key standard in the whole 27000 series. The ISO 27006 establishes the requirements for bodies providing audit and certification of information security management systems. These requirements must be fulfilled by any organization willing to provide ISMS certification. The ISO 27009 explains how to include additional requirements for a specific sectors. The third category of standards included in the 27000 series are the Guidelines standards. These include 27002, 27003, 27004, 27005, 27007, 27013 and 27014. The 27002 provides a catalog of security controls and guidance on their use. This is the oldest member of the series and this a direct descendent of the BS7799. 27003 provides ISMS implementation guidance. 270004 provides guidance on how to measure the effectiveness of an ISMS and its controls. 27005 deals with risk management. And finally, 27007 is related towards a team. The fourth category for standards are Sector-Specific standards, these includes 27010, 11, 15, 17, 18 and 19. These standards are applicable to specific sectors, like telecommunications, financial services, cloud services, and personally identifiable information processors. Finally, the last category includes the control specific guideline standards. These provide a more detailed set of guidelines for guiding security controls mentioned across the rest of the documents of the series. These include, among others, 27031, which describes guidelines to ensure business continuity, the 27032, which provides guidelines for cybersecurity, and the 27033 which describes network security concepts. The 27000 series of standards are developed by the ISO/IEC joint technical committee 1, subcommittee 27, hence the name of the series. As you may imagine, the information included in these standards must be updated frequently to reflect the new developments, and threats in business sectors. The members of subcommittee 27 meet twice a year in person to update and propose new documents to be added to the 27000 series. The 27000 series is a set of information security standards that establishes a set of requirements, recommendations and guidelines to implement information security. The ISO 27001 is the most important standard of the series. Organizations can request to be certified against this standard. When an organization obtains a 27001 certification, it means that a third party has verified that the organization implements an information security management system that will fill all the requirements of the 27001 standard. [MUSIC]

Explorer notre catalogue

Rejoignez-nous gratuitement et obtenez des recommendations, des mises à jour et des offres personnalisées.

Coursera Footer

Meilleurs cours en ligne

Recherche d'un but et d'un sens à la vie
Comprendre la recherche médicale
Le japonais pour les débutants
Introduction au Cloud Computing
Les bases de la pleine conscience
Les fondamentaux de la finance
Apprentissage automatique
Apprentissage automatique à l'aide de SAS Viya
La science du bien-être
Recherche des contacts COVID-19
L'IA pour tous
Marchés financiers
Introduction à la psychologie
Initiation à AWS
Marketing international
C++
Analyses prédictives & Exploration de données
Apprendre à apprendre de l'UCSD
La programmation pour tous de Michigan
La programmation en R de JHU
Formation Google CBRS CPI

Meilleures spécialisations en ligne

Traitement automatique du langage naturel (NLP)
IA pour la médecine
Doué avec les mots : écrire & éditer
Modélisation des maladies infectieuses
La prononciation de l'anglais américain
Automatisation de test de logiciels
Deep Learning
Le Python pour tous
Science des données
Bases de la gestion d'entreprise
Compétences Excel pour l'entreprise
Sciences des données avec Python
La finance pour tous
Compétences en communication pour les ingénieurs
Formation à la vente
Gestion de marques de carrières
Business Analytics de Wharton
La psychologie positive de Penn
Apprentissage automatique de Washington
CalArts conception graphique

Certificats en ligne

Certificats Professionnels
Certificats MasterTrack
Google IT Support
Science des données IBM
Ingénierie des données Google Cloud
IA appliqué à IBM
Architecture Google Cloud
Analyste de cybersécurité d'IBM
Automatisation informatique Google avec Python
Utilisation des mainframes IBM z/OS
Gestion de projet appliquée de l'UCI
Certificat stratégie de mise en forme
Certificat Génie et gestion de la construction
Certificat Big Data
Certificat d'apprentissage automatique pour l'analytique
Certificat en gestion d'innovation et entrepreneuriat
Certificat en développement et durabilité
Certificat en travail social
Certificat d'IA et d'apprentissage automatique
Certificat d'analyse et de visualisation de données spatiales

Programmes diplômants en ligne

Diplômes en informatique
Diplômes commerciaux
Diplômes de santé publique
Diplômes en science des données
Licences
Licence d'informatique
MS en Génie électrique
Licence terminée
MS en gestion
MS en informatique
MPH
Master de comptabilité
MCIT
MBA en ligne
Master Science des données appliquée
Global MBA
Masters en innovation & entrepreneuriat
MCS science de données
Master en informatique
Master en santé publique

Coursera

À propos
Ce que nous proposons
Direction
Carrières
Catalogue
Certificats
Certificats MasterTrack™
Diplômes
Pour l'entreprise
Pour les gouvernements
Pour le campus

Communauté

Étudiants
Partenaires
Développeurs
Testeurs bêta
Traducteurs
Blog
Blog Tech
Centre d'enseignement

Plus

Conditions
Confidentialité
Aide
Accessibilité
Presse
Contact
Répertoire
Filiales

Apprendre partout

Disponible sur Google Play

© 2021 Coursera Inc. Tous droits réservés.