ISO 27001 Context of the Organisation

Module Information

Understanding the context of your organisation is the essential starting point for building a strong Information Security Management System (ISMS).  This is captured in Clause 4, which guides you to identify the environment in which your ISMS operates, including internal and external factors, as well as the needs of your interested parties.  These foundational elements shape everything you implement going forward.

Once the context is established, we move to Clause 5 Leadership, where top management must demonstrate commitment to information security.  A central part of this commitment is the Information Security Policy, which documents your commitment to information security.

This module explores both areas of the ISO 27001 framework.  You’ll gain an understanding of the context in which your organisation operates and how establishing clear, effective policies are critical first steps towards a robust ISMS.

By the end of this module, you’ll have a clear understanding of how to define your ISMS scope and how to develop policies that meet the Standard’s stringent requirements.

Learning outcomes

By the end of the module, you will have:

• Identified who the ‘interested parties’ are in relation to information security management (ISM) along with their needs and expectations
• An understanding of how to identify, document, update and use information on the internal and external factors relevant to ISM in your business
• Clarity on the Policy requirements of ISO 27001
• Understand how to develop and communicate ISM Policies which fully meet the requirements of ISO 27001
• Shared examples of good practice

Is this module right for me?

This module is ideal if you:

• Want to understand who your interested parties are and their expectations
• Need to know how to capture, maintain, and apply information on internal and external business factors
• Are looking for guidance on creating and communicating an Information Security Policy
• Prefer to learn at your own pace and in your own time
• Need a quick refresher, or are new to information security management

No prior knowledge is required.  This module is beginner-friendly and designed to help you build confidence from the ground up.

For a more in-depth look at ISO 27001, our auditor-led training may be a better fit.

What’s included?

• Access to the ISO 27001 Context of the Organisation and Information Security Policies online training module
• Reflective questions to review your processes, identify opportunities for improvement and help you implement what you’ve learned
• A knowledge check and personalised training certificate
• Six months of access to revisit content whenever you need

How does online ISO training work?

Once payment is received, we will email your login details to you.  If you don’t receive this email, please check your junk folder or contact us.

After completing the pre-training survey, training module, and knowledge check, you can download your personalised certificate for your records.

Looking to build a stronger understanding of ISO 27001?

For a deeper understanding of ISO 27001, our auditor-led ISO 27001 training provides a detailed, clause-by-clause explanation of the standard.  Delivered by one of our experienced lead auditors, this one-day course is designed to help you apply theory to real-life business scenarios.  You’ll also benefit from peer learning, sharing challenges and insights with other delegates.

Alternatively, you can enrol in our ISO 27001 online training bundle.  This package includes all six ISO 27001 training modules, while saving over 20% compared to purchasing modules individually.