ISMS Training 2019

The international standard ISO/IEC 27001 describes a way to manage Information security, by creating an Information Security Management System, or ISMS. This is a combination of processes, policies, governance activities, and specific security measures which work together to enable an organization to manage information risks effectively.

Information security is concerned with protecting the Confidentiality, Integrity and Availability of information to an appropriate extent and thus Information Security Management is the means by which this can be achieved.

This  brings to your attention that the university has embarked on a journey to acquire the ISO 27001:2013 certification with an aim to establishing, implementing, maintaining and continually improve Information Security Management.

Staff present the greatest risk to information security; although malicious action by individuals cannot be ruled out, there is a greater risk of breaches occurring as a result of ignorance, inconsistent risk tolerances, or carelessness. The ISMS will help the university manage information in all its forms, including digital, paper-based, intellectual property, university secrets, data on devices and in the Cloud, hard copies and personal information. It will also ensure that the university is in a position to defend itself from technology-based risks providing more resilience to cyber-attacks and other, more common threats such as poorly informed staff or ineffective procedures

Information security is the responsibility of all members of staff in the university and in this regard, The training will center on:
1. Information Security
2. ISO 27001:2013