ISO/IEC 27001:2022 – Understanding the Requirements

ISO/IEC 27001:2022 is the leading international standard for managing an Information Security Management System (ISMS) responsibly. This three-day foundational course is designed to help professionals understand the core requirements of an ISMS and how to apply them in real-world contexts.

Whether you’re in risk, compliance, tech, or leadership, this course equips you with the knowledge to navigate ISMS governance practices with confidence.

By completing this course, you will:

  • Understand the purpose, structure, and scope of ISO/IEC 27001:2022

  • Learn how the standard addresses ISMS risks, controls, monitoring, and continual improvement

  • Explore key clauses, including leadership, planning, support, operations, and performance evaluation

  • Gain insights into integrating ISMS with other ISO-based systems (e.g., ISO/IEC 42001)

  • Walk away with the confidence to contribute to responsible ISMS initiatives within your organization

Diamond-shaped badge with the logo and text indicating "Exemplar Global RTP Certified Training".

Who Should Attend This Course?

  • Security, IT, and governance professionals

  • Risk, compliance, and ethics officers

  • Information security managers and ISO practitioners

  • Consultants, auditors, and technology leads exploring ISMS governance

  • Business leaders accountable for responsible ISMS adoption and oversight

Course Outline & Details

    • Introduction to the ISMS standard and its global significance

    • Scope, structure, and terminology used in ISO/IEC 27001

    • Organizational context, leadership, and stakeholder accountability

    • Risk assessment and impact management for the ISMS

    • ISMS‑specific planning: risk assessment, control selection, monitoring

    • Operational controls for implementation, management, and ongoing ISMS governance

    • Monitoring, documentation, control effectiveness, and auditability in practice

    • Performance evaluation, internal review, and continual improvement

    • Aligning ISO/IEC 27001 with other management systems

    • Key considerations for preparing an organization for future certification

    • Cost: 3 days – $1,800 USD per student.

    • Delivery: Online

    • Start time: 9 am, EST.

Meet Your Instructor

Petru Dragnef is the Practice Lead of Audit & Compliance at Seratos and is a certified ISO/IEC 27001:2022 Lead Auditor. He has conducted audits and advisory engagements for Fortune 100 companies in the semiconductor and medical/laboratory device industries, in addition to working with many international law firms headquartered in North America.

Specialties:

  • ISO 27001, 27701, 27017

  • IT & cloud security architecture

  • Mathematical modelling for risk management

Petru holds an academic background in mathematics and philosophy. He applies a systems-thinking approach to cybersecurity and information governance, ensuring both compliance with standards and the operational functionality of an organization’s management systems.
