Training to become an IT security officer

Hochschule Niederrhein. Your way.
About the certificate course

The security and reliability of information and communications technology used by companies and public authorities is becoming increasingly important, as is the trustworthy handling of information. Inadequately protected information is an often underestimated risk factor. A security incident, such as the manipulation or disclosure of corporate or government data, can result in high costs and is always associated with a loss of customer confidence. For this reason, more and more companies and public authorities are establishing the position of an IT security officer. One of the most important tasks of an IT security officer is the introduction of an information security management system (ISMS). For organizations that are classified as "critical infrastructures" according to the IT Security Act, the introduction of an ISMS is mandatory.

Within the framework of this ONLINE certificate course, you will acquire solid basic knowledge for planning, implementing and monitoring an ISMS in accordance with ISO 27001. You will receive a structured overview of the regulatory requirements from the IT Security Act and acquire application-related knowledge and methods for implementing the ISMS in your own company.

Goals of the continuing education

On successful completion of the course, you will be able to:

  • Correctly classify the IT security norms and standards according to ISO 27001.
  • Understand the components and procedures of an ISMS organization.
  • Apply methods to survey the information technology security level.
  • Participate in the implementation of an ISMS within your own organization.
  • Ensure the continuity of an established ISMS.

Advantages

  • Participants who pass an examination receive a certificate from the university for the "IT Security Officer" training.
  • Optimization of processes in corporate IT.
  • Saving costs and resources for the implementation of the ISMS.

Target group

IT and information security professionals, IT managers, consultants, project managers, managing directors, data protection officers: anyone who is responsible for the security of their IT infrastructure and will assume the role of an IT security officer in their company.

Teaching and learning format

The knowledge transfer itself takes place in the form of a classic seminar. Accompanying exercises immediately link what has been learned with practical knowledge, which promotes a lasting learning process and facilitates transfer to your own company.

The curriculum and further information can be found in the flyer and in the download area.

In-house training
Individually tailored to your requirements

Introduction to: IS, ISO 27000, BSI IT baseli

- Course objectives and structures
- Motivation
- IT management (ITIL, CobIT, IT governance, IT compliance)
- IT Security Act
- General Data Protection Regulation
- The ISO/IEC 27000 family of standards
- Basic principles of information security
- Information Security Management System (ISMS)
- Certification process
- IT baseline protection according to BSI
- Typical attack scenarios
- Technical protection
- Creating an IT security concept

Initiation and closing of an audit

- Basic audit concepts and principles
- Initiation of the audit
- Phase 1 audit
- Preparation of the phase 2 audit (on-site audit)
- Phase 2 audit / audit methods
- Obtaining traceable audit results and dealing with audit risks
- Communication during the audit
- Audit procedures
- Preparation of the audit test plan
- Elaboration of recommendations and deviations
- Summary of the audit and quality check
- Closing the audit
- Documentation of an ISMS audit

- Follow-up of the contents, exercises

Introduction to an ISMS

- Phase 1: Defining the context, organization and scope
- Phase 2: Identifying information and assets in need of protection
- Phase 3: Conducting protection requirements and risk analysis
- Phase 4: Determining and establishing measures for risk treatment
- Phase 5: Measuring, controlling and continuously improving the ISMS

- Follow-up of the content, exercises

Operation of the ISMS

- Tasks of the IT security officer
- Risk management
- Monitoring of action plans
- Supplier audit
- Ensuring the continuity of an established ISMS
- Written examination

  • Dates: Four attendance days on request at weiterbildung(at)hsnr.de
  • Registration deadline: ---
  • Number of participants: 10 persons
  • Location: Krefeld South Campus
  • Participation fee: 1.390,00 € | Alumni 1.320,00 €
  • Prerequisites for participation: University degree with at least one year of professional experience or professional training and at least three years of professional experience.
  • Scope (workload): 50 h, of which 32 h attendance, 2 ECTS.
  • Qualification: University certificate / certificate of attendance

Your contact person

Ulrike Schoppmeyer
Center for continuing education Participant management | Acquisition