How to Learn all aspects of ISO 27001:2013 | The best way to grab the knowledge on 27001:2013 (Step by Step)



Hi All,

Please guide me on the learning approach towards ISO 27001:2013. How can I learn it step by step?
Need some answers which can help me in self-study.



Fully vaccinated are you?
The best way I found to learn a standard was to have a copy of it and type it into a Word document. A big help is to have any related standard(s) or reference documents such as, in the case of ISO 9001, to have a copy of ISO 9000 and ISO 9004.

As I wrote, I made a spreadsheet so that every sentence had an entry for comments. When I was doing this stuff the internet wasn't around yet. Nowadays there are thousands of websites, such as here, where you can read people's interpretations. The way I did it was probably "old school". It's how I learned to study in college years ago. At the time a professor told me that if I really wanted to learn difficult subjects that I had to read everything in the textbook and be able to write a sentence or two, at the very least, about every sentence in the book. I was a slow learner with learning disabilities that went back to pre-kindergarten so while many people could pick things up easily, I wasn't that type of person.

So for me, courses like organic chemistry, physiology and physics, to name a few, were difficult. It was frustrating because many of my classmates made it all seem to be so simple. Then again, most of them had already taken preliminary courses in high school.

When I picked up ISO 9001 back around 1990 I did the same thing, though. I bought copies of the standard and associated documents, wrote them out, and bought a number of books on ISO 9001 (pre-internet days so I got several books from the library, too). I got to the point where while I didn't know the standard by heart well enough to recite it, I did know every sentence to the point where I could discuss each and relate each to company systems.

I will say that by typing the standard into a Word document it was also a big help to me over time - easy to search and copy or paste from.

I also did an audit compliance document taken from the parts of the standard. ISO 9001 has changed a bit, but at one time I could discuss every sentence, its intent and how to comply.

I am sure others here will give you their take on how to do that these days, with the internet available and all that.


Trusted Information Resource
Please guide me on the learning approach towards ISO 27001:2013
For what purpose? What is the end game?

If it is to implement it in an organization, I propose reading the IAQG Process Approach document. What are the processes of the organization?

Once identified, what are the inputs and outputs, and how does the flow between processes work?

Once identified, what are the customer requirements for that process?

Once identified, go through ISO 27001, and find out what you have that already meets the requirements.

Also, in terms of any of the standards, watch out for 'threads' of information. Here is an example from ISO 9001:

Risks and Opportunities: 0.3.3 Risk-based Thinking, 0.1 General, 4.4.1 (f) QMS and its Processes, 5.1.2 (b) Customer Focus, 6.1.1, 6.1.2 Planning: Actions to Address Risks and Opportunities, 8.3.3 (e) Design and Development Inputs, 8.3.6 (d) Design and Development Changes, 8.4.2 Type and Extent of Control, 9.3.1 (e) Management Review: General, 10.2.1 Nonconformity and Corrective Action, A.4 Risk-based Thinking


Inactive Registered Visitor
Using a standard as a way to understand the standard is not the best way to learn it.

Standards are created for experts in a subject, for experts in a subject, and generally contain requirements based on good practice in the field. The best way to understand good practice is to read books on the subject. For example, when I began working in quality, people told me - read the standard (for example, ISO 9001). What I did was to read 4 or 5 books from the old gurus (Deming, Juran, Crosby...) and then, nothing in the standard was new (sure, some specific terms and such may have been created specifically for the standard to standardize terminology, etc., but it's really 1% of the text).

When I began working with standards development, this was even more confirmed.

Hi Team,

I'm confused about which team each policy falls under.

ISMS... Does this fall under the Information Security team?
Health and Safety... Does this fall under the Admin team?
What is the ISMS apex manual?
Who prepares the SOA and why is it done?
Can we make changes in the SOA, and if yes, which other documents are affected or may have to be changed?

Kindly help with this query. I am very keen to work and learn more and more on ISO 27k and security level.
