DIY ISO 27001 - Build your ISMS 2021

ISO 27001 provides structured governance to address your true security risks

DIY ISO 27001 Workshops return for 2021! – Ensuring customers and partners have confidence in your data security is a significant challenge to expanding business. Being ISO 27001 certified is a trusted means to demonstrate that you have the knowledge, technology and processes in place to protect critical data.

ISO 27001 provides a robust and systematic approach to building information security – however – implementation can be a challenging exercise for any business. This workshop series provides a clear do-it-yourself path to an ISO 27001 Information Security Management System for your organisation.

Invest in your information security capabilities

Vital Advisory present live webinars where you’ll learn how the components of ISO 27001 build an effective and unified approach to managing risk and information security. We explore how you can prepare the documentary, procedural and organisational elements of ISO 27001 to achieve both certification and your business objectives.

Security is a long-term proposition. Develop your in-house capabilities for lasting, effective security management. The DIY ISO 27001 workshop series will provide you with the skills, and a clear roadmap, to build your Information Security Management System in-house.

Focus points of the workshop series include:
+ Overview of the ISO 27001 standard – key objectives and conformance requirements
+ Risk analysis and management processes at the heart of ISO 27001
+ The full documentation set needed for conformance
+ The policies and processes of security best practice
+ Internal and certification audit procedures
+ Ongoing management of your security framework

Training backed by experience

Vital Advisory have extensive experience in developing and delivering ISO 27001 projects with organisations of all sizes. Our continuing record is of 100% of clients achieving their certification objectives. Our workshop presenters regularly deliver multi-day training on information security to audiences from business and government. Our workshops are interactive sessions where participants are encouraged to discuss and explore their security challenges.

Key benefits and takeaways

+ Build and mature your organisation’s information security capabilities
+ Clearly understand the ISO 27001 standard and the benefits it brings by structuring security
+ Construct a roadmap for establishing your ISO 27001 ISMS in-house
+ Understand the full lifecycle of managing risk for your organisation
+ Receive templates for ISO 27001’s mandatory documentation set
+ Work through examples of implementing and maintaining your ISMS
+ Understand the requirements for achieving certification of your ISMS
+ Simplified implementation which engages your whole organisation

Included with each workshop is the complete set of presentation materials, workshop exercises, and templates for key documents. Attendees enrolling for the complete series will receive a full ISMS documentation pack.


No previous experience with information security or risk management is required. We recommend staff with responsibilities for security, risk, compliance or project management attend. Although tailored for novice audiences, our workshops include methods and insights which will reward experienced security, risk and compliance officers.


Our 2021 series of live webinars is available in two streams: Bootcamp, where you can skill-up in a short timeframe, and Implementation, which supports you with the right content at the right times as you build your ISMS.

Workshop Fees

AU$3,750 / NZ$3,750 per delegate (ex-GST).
The following discounts are available:
• 15% discount for ISACA, AISA, IIA and RMIA members
• 15% discount for FinTech Australia, TasICT, and NZ Tech Alliance members
• 15% for 2 or more delegates from the same organisation

Webinar Series

Bootcamp Series:
  1. Tue 11 May, 2021
  2. Wed 12 May, 2021
  3. Thu 13 May, 2021
  4. Tue 22 June, 2021
  5. Wed 23 June, 2021
  6. Thu 24 June, 2021
Implementation Series:
  1. Tue 14 Jun, 2021
  2. Wed 16 Jun, 2021
  3. Thu 22 Jul, 2021
  4. Thu 26 Aug, 2021
  5. Thu 23 Sep, 2021
  6. Thu 21 Oct, 2021

Sessions delivered from 9.00 to 14.30 AEST.

  • Introduction to the foundations of ISO 27001 and how it addresses information security issues.
    + Finding the balance between negative and positive risk
    + How security supports business objectives
    + Introduction to ISO 27001
    + Processes for implementing your ISMS

  • Covers initial stages of your ISMS implementation:
    + how to structure your ISMS project
    + ISMS project planning
    + ensuring key stakeholders are engaged
    + capturing your organisational context
    + understanding Risk Methodology

  • This multi-faceted approach to risk assessment allows you to focus resources and effort on the security issues which could realistically impact your organisation.
    + Understanding risk methodology
    + Risk identification – Top Down vs Bottom Up
    + Organisation-wide risk identification
    + Constructing your Risk Register

  • Understand the risk procedures used to evaluate and prioritise your risk set, and determine which control measures will be genuinely effective in reducing your risk profile. This workshop examines:
    + Self-assessment of your current security state
    + The role of Gap Analysis
    + Risk evaluation
    + Determining risk appetite
    + Approaches to risk treatment

  • Learn how to make effective control selections that address the risks which matter, and make those controls an integral part of business operations. This webinar examines:
    + Overview of ISO 27001 Annex A security controls
    + What makes a good control? Effective control selection
    + ISO 27001 Statement of Applicability
    + Simplifying control documentation for staff adoption
    + Key security policies – ensuring conformance and effectiveness
    + Planning for the worst – incident response and business continuity

  • Put ongoing governance of your ISMS into effect to achieve lasting security change. Learn how the audit and certification procedures work.
    + Awareness and Engagement – making security a whole-of-organisation concern
    + ISMS and security performance evaluation and metrics
    + Management review of your ISMS
    + Audit processes
    + Going for ISO 27001 certification
    + Ongoing ISMS management

For bookings or further information, call our Registration Desk on +61 410 379 407.


If you’d like to discuss the benefits this DIY ISO 27001 Workshop Series can bring to your organisation, please contact Paras Shah on +61 420 978 258 or email paras.shah (at) For bookings, please contact our registration desk on +61 410 379 407.