MorganHill offers customized ISO/IEC 27001 training programs to ensure employees are adequately trained and knowledgeable on all essential aspects of the actual ISO/IEC 27001 standard, and other supporting standards.  Specifically, we offer the following training solutions:

• Awareness Training: We offer both basic awareness and highly customized training regarding the importance of information security and an employee’s roles and responsibilities in safeguarding information assets. Such training covers key concepts of ISO/IEC 27001, such as risk management, asset protection, access controls, incident response, and compliance with relevant policies and procedures.
  
  
• ISMS Implementation Training: We offer training with regards to implementing the ISMS and how to effectively implement an actual ISMS within an organization. This includes training on risk assessment methodologies, development of information security policies and procedures, establishing controls, conducting internal audits, and more.
  
  
• Lead Implementer Training: For organizations that want to designate individuals as lead implementers who have a deeper understanding of ISO/IEC 27001, we can provide such training. Our lead implementer training covers the standard's requirements, implementation strategies, risk management techniques, audit preparation, project management skills, and more.
  
  
• Internal Auditor Training: Training individuals as internal auditors is crucial to conducting internal audits of the ISMS to ensure its effectiveness and compliance with ISO/IEC 27001. Our internal auditor training covers audit planning, techniques, documentation, evidence gathering, reporting, along with training on understanding and interpreting ISO/IEC 27001 requirements.
  
  
• Risk Assessment and Management Training: ISO 27001 places significant emphasis on risk assessment and management. Our training on risk assessment includes a deep dive into the actual methodologies, risk treatment options, and risk mitigation techniques that are essential to ensure an organization can effectively identify and manage risks to information security.
  
  
• Incident Response and Management Training: Employees responsible for incident response should receive training on identifying, reporting, and responding to information security incidents in accordance with ISO/IEC 27001 requirements. As such, our training covers incident handling procedures, communication protocols, evidence preservation, and recovery measures, and more.
  
  
• Continual Improvement and Compliance Training: We also offer training programs that focus on promoting a culture of continual improvement and compliance with ISO/IEC 27001. This includes training on measuring and monitoring performance against established security objectives, identifying non-compliance issues, implementing corrective actions, conducting management reviews, and more.