Training Information

• Training Method: Online Training

• Training Duration: 16 Hours

Training Objective

The purpose of this training is to provide participants with knowledge about the fundamental principles of the ISO/IEC 27001 Information Security Management System standard, introduce the systematic approach to protecting information assets, and raise awareness regarding ISMS implementation and certification processes. Within the scope of the training, the scope of the information security management system, risk management approach, documentation structure, control mechanisms, and continuous improvement processes will be addressed.

Training Content

1. Information Security Management System (ISMS) Concept

• Concept of information security

• Principles of confidentiality, integrity, and availability of information

• The importance of protecting information assets

• Corporate information security approach

2. Introduction to the ISO/IEC 27001 Standard

• Purpose of the ISO/IEC 27001 standard

• General structure of the standard

• Management system approach

• Process-oriented structure

3. Determining the Scope of the ISMS

• Establishing the organizational scope

• Evaluation of organizational structure and processes

• Identification of information assets

• Needs and expectations of relevant parties

4. Risk Management Process

• Information security risk approach

• Identification of risks

• Risk assessment processes

• Risk treatment methods

• Risk control processes

5. Information Security Controls

• Purpose of security controls

• Organizational controls

• Physical security controls

• Technical security controls

• Access control applications

6. Documentation and Record Processes

• ISMS documentation structure

• Policies and procedures

• Management of records

• Concept of documented information

7. Internal Audit and Continuous Improvement

• Internal audit processes

• Evaluation of nonconformities

• Corrective action approach

• Continuous improvement processes

8. Certification Process

• ISO/IEC 27001 certification structure

• Certification stages

• Audit processes

• Certificate maintenance and surveillance activities

9. Application Examples and Evaluation

• ISMS implementation examples

• Process evaluations

• General review and question-answer practices

Important Information

• A participation certificate will be issued to participants who attend 80% or more of the total training duration. No certificate will be issued for participation rates of 79% or below.

• After the completion of the training period, documents will be prepared following the controls carried out by our institution and sent to the addresses you provided during registration via PTT Cargo. Your address and contact information must be up to date.

• Participants may send all questions and issues to our address usem@uludag.edu.tr. E-mails will be monitored instantly throughout the training period.

• Training applications and training fee payments are carried out online. Installment payments cannot be made for participants' bank credit card payments.

• For corporate invoice payments, you may contact our solution center at 0850 840 8543.

• As of 20.09.2025, campus entries are carried out via HGS, and HGS fees are not affiliated with our center.

Attention: In cases where participants who have completed final registration for our trainings cannot attend due to valid reasons and request cancellation of registration, the refund process takes approximately 1 month due to internal correspondence arising from revolving fund management regulations. Please take this into consideration before completing final registration.