In an era of rapid global digitalization, remote work and the use of various electronic devices have become the new normal. However, this shift has also introduced significant information security threats, such as internal data leaks, the proliferation of viruses, and hacker attacks, which pose substantial challenges to businesses. To address these issues, the International Organization for Standardization (ISO) officially released the latest ISO/IEC 27001:2022 standards for information security, cybersecurity, and privacy protection in October 2022. These standards are applicable to organizations of all types, sizes, and natures, including businesses, government agencies, and non-profit organizations. In Taiwan, the Executive Yuan's Cybersecurity Office has also adopted these standards as guidelines for cybersecurity requirements in government entities.

Our course, part of the NSIT Management Series, is an Information Security Management course tailored for professionals seeking an in-depth understanding of Information Security Management Systems (ISMS). Based on the ISO/IEC 27001 standard, this course introduces key concepts related to auditing information security and ISMS, along with critical topics such as security policies, risk management, business continuity management, internal audits, and control measures. Through this program, participants will gain a comprehensive understanding of ISMS, identify potential cybersecurity threats, and learn how to audit ISMS to establish or enhance the information security measures needed for their organizations.

Additionally, the course is based on the latest updates to the ISMS standards, including ISO/IEC 27001:2022 and ISO/IEC 27002:2022, and incorporates the recently released ISO/IEC 27005:2022 international standard for information security risk management. This ensures that participants acquire the most up-to-date and complete knowledge of information security management. By completing this course, participants will be equipped to manage and audit ISMS, providing robust security assurances for their organizations in the digital age.