POPIA: Information Security using ISO 27001

ISO 27001 is an internationally recognised standard for information security management. It is also widely recognised as the reference for generally accepted information security practices and procedures that are required for the Protection of Personal Information. ISO 27001 requires that organisations establish, document, implement and maintain an information management system to protect personal information.

This 2 day course provides delegates with an understanding of the International Organisation for Standardisation’s (ISO) standard for information security management – ISO 27001. Delegates will learn about the integrated process approach for information security management and how to extend their current activities in line with international standards.

King III, cloud computing, outsourcing and privacy legislations all require that effective information security be implemented and administered. An ISO 27001 information security management system (ISMS) ensures that the information security strategy and its implementation are aligned with an enterprise’s business needs and strategic goals. The correct implementation of ISO 27001 will assist responsible parties demonstrate that they have properly addressed their obligations to protect personal information.

The scope.

Target audience.


Participants will gain an understanding of the ISO 27001 standard, its requirements and how to correctly implement an information security management system. On completion of this seminar participants will be able to:


Participants will learn through discussion and practical examples how to design and implement information security in accordance with the ISO 27001 requirements for information security management and the Protection of Personal Information Act.

This seminar includes topics about: