Information Security Training

Training and awareness is a critical part of the implementation, operation and maintenance of an effective Information Security Management System (ISMS).  Cambridge Risk Solutions can provide expertise and support.

Cambridge Risk Solutions can assist with the development and delivery of awareness training and programmes, assisting to effectively embed information security in your business.  We offer on-site training, remote training, or a wide range of eLearning courses.

ISO 27001 defines a number of key areas of staff awareness, requiring staff to be aware of their contribution to the ISMS and the implications of not confirming; staff need to be aware of their responsibilities for cyber and information security. 

It is critical that all members of staff fully understand their responsibilities towards the personal data of others, including customers, suppliers, and other staff members.  Many data breaches occur simply through not thinking, or trying to help, so it is essential to empower your staff with the tools for safe data handling.  This includes ensuring that your Board and senior management are aware of their responsibilities.

Information Security coordinators and managers will need to have the relevant competency to be able to fulfil their role, and ISO 27001 requires that you take action to enable the relevant competence, and evaluate the effectiveness of any such training.  Cambridge Risk Solutions can provide training and assurance that you have staff who are competent and confident in their role.  

It is critical that staff who have a role in event and incident management are competent.  They need to understand the difference between an event and an incident, the escalation process and, in some cases, incident management.    This applies not just to IT issues, and should apply across the business.  Thus, it may be, particularly for smaller businesses, that the staff responsible for information security incident response also have business continuity management duties; it is important to highlight where staff will have both roles.

Cambridge Risk Solutions can assist with training internal auditors, ensuring that they have the competence to be able to effectively audit all of the risk controls, as well as the management system and related documentation.

We are happy to answer any questions about - Business Continuity Crisis Management Information Security Product Recalls

How can Cambridge Risk Solutions Help?

Cambridge Risk Solutions provides a range of services to assist with the implementation of Information Security, and have an experienced ISO 27001 Lead Auditor who can assist with readiness for certification to ISO 27001:2013.

View some case studies of recent Information Security projects.