Information Security & ISO Compliance
Interactive learning suites for information security management and compliance: ISO/IEC 27001 (ISMS), ISO/IEC 27005 (risk management), ISO/IEC 27017 (cloud security), a hands-on risk-treatment activity, and UK cyber law & compliance.
A set of interactive learning suites I use for teaching information-security management and compliance. Each lesson is self-contained — explore the visual maps, test yourself with the quizzes, and work through the real-world scenarios.
In this topic:
- ISO/IEC 27001 — the Information Security Management System (ISMS): clauses, Annex A controls, PDCA.
- ISO/IEC 27005 — information security risk management.
- Risk Treatment Activity — a hands-on exercise applying risk-treatment decisions.
- ISO/IEC 27017 — security controls for cloud services.
- UK Cyber Law & Compliance — the legal and regulatory landscape (UK GDPR, Computer Misuse Act, NIS, and more).
The suggested order is top to bottom, but each lesson stands on its own.