Skip to main content
Image coming soon

SEC9658 Mastering ISO 27001 for ServiceNow Business Analyst Scrum Masters

$199.00
Adding to cart… The item has been added

A tailored course, built for your situation

Mastering ISO 27001 for ServiceNow Business Analyst Scrum Masters

Build authority in information security governance through structured control implementation and cross-functional alignment

$199 one-time
24-hour access provisioning 30-day money-back guarantee Hand-built implementation playbook
12 modules. 12 chapters per module. 144 chapters total.
12 modules, each with 12 chapters (144 chapters total), text-based, plus downloadable templates and a hand-built implementation playbook delivered alongside course access.
Feeling like compliance is something that happens after your work?

The situation this course is for

Many technical practitioners deliver excellent project outcomes, only to see governance teams rework their outputs for ISO 27001 alignment. That gap creates redundancy, delays recognition, and limits influence.

Who this is for

ServiceNow Business Analysts and Scrum Masters operating at the intersection of IT service delivery and compliance readiness

Who this is not for

Standalone auditors, dedicated GRC specialists, or executives seeking board-level reporting frameworks

What you walk away with

  • Define system boundaries and control applicability with authority
  • Produce audit-ready documentation within sprint timelines
  • Lead ISO 27001 control mapping without dependency on external teams
  • Own the risk register and evidence trail for your domain
  • Position yourself as the go-to owner for future compliance expansions

The 12 modules (with all 144 chapters)

Module 1. Understanding ISO 27001 in Agile Contexts
Learn how ISO 27001 applies specifically within iterative development and ServiceNow-driven workflows.
12 chapters in this module
  1. Scope of ISMS in IT service organizations
  2. Agile compliance: where governance meets delivery
  3. Key clauses relevant to business analysts
  4. Mapping ISO 27001 to ServiceNow ITSM modules
  5. Control ownership vs. process ownership
  6. Integrating security into user stories
  7. Defining system boundaries for audit
  8. Documenting asset inventories
  9. Risk assessment entry points
  10. Linking controls to sprint outputs
  11. Common misalignments in dual roles
  12. Case study: integrated control rollout
Module 2. Control Identification and Applicability
Determine which controls apply to your environment and justify exclusions with evidence.
12 chapters in this module
  1. Annex A control overview
  2. Establishing relevance by role
  3. Exclusion justification templates
  4. Control tailoring principles
  5. Role-based applicability matrix
  6. Documenting rationale for auditors
  7. Common pitfalls in scoping
  8. ServiceNow-specific control intersections
  9. Change management as a control
  10. Access review integration
  11. Incident response touchpoints
  12. Third-party risk intersections
Module 3. Risk Assessment Execution
Conduct defensible risk assessments tied to ISO 27001 requirements using repeatable templates.
12 chapters in this module
  1. Risk methodology selection
  2. Asset valuation criteria
  3. Threat modeling basics
  4. Vulnerability identification
  5. Impact and likelihood scoring
  6. Risk treatment options
  7. Risk acceptance workflows
  8. Linking risks to controls
  9. Generating risk register outputs
  10. Maintaining living risk records
  11. Stakeholder review cycles
  12. Audit preparation for risk docs
Module 4. Documented Information Requirements
Produce compliant policies and records that meet auditor expectations without over-documenting.
12 chapters in this module
  1. Required documents in ISO 27001
  2. Policy vs procedure vs record
  3. Minimal viable documentation
  4. Version control for compliance
  5. Retention periods for evidence
  6. Storage location documentation
  7. Access control for documents
  8. Internal audit readiness checklist
  9. Management review inputs
  10. Statement of Applicability structure
  11. SoA update triggers
  12. Document maintenance cadence
Module 5. Control Implementation in ServiceNow
Map ISO 27001 controls to actual ServiceNow configurations and workflows.
12 chapters in this module
  1. User access provisioning controls
  2. Role-based access design
  3. Segregation of duties enforcement
  4. Password policy implementation
  5. Session timeout configuration
  6. Audit log retention settings
  7. Change approval workflows
  8. Emergency change tracking
  9. Backout procedure documentation
  10. Incident escalation paths
  11. Problem record linkage
  12. Service continuity testing
Module 6. Evidence Collection and Maintenance
Establish sustainable practices for gathering and presenting control evidence.
12 chapters in this module
  1. What auditors look for in evidence
  2. Sampling methods
  3. Automated evidence generation
  4. Scheduling periodic reviews
  5. Documenting control operation
  6. Screenshots vs system exports
  7. Timestamp verification
  8. User access reviews
  9. Password compliance reports
  10. Change success rate tracking
  11. Incident resolution metrics
  12. Corrective action follow-up
Module 7. Internal Audit Preparation
Lead readiness efforts for internal and external audits using structured checklists.
12 chapters in this module
  1. Audit planning calendar
  2. Pre-audit self-assessment
  3. Checklist development
  4. Assigning evidence owners
  5. Scheduling walkthroughs
  6. Drafting auditor Q&A
  7. Common findings and fixes
  8. Remediation tracking
  9. Nonconformity response writing
  10. Management review input prep
  11. Audit report distribution
  12. Post-audit action plans
Module 8. Management Review and Reporting
Create concise, actionable reports for leadership on ISMS performance.
12 chapters in this module
  1. Executive summary writing
  2. KPIs for information security
  3. Incident trend reporting
  4. Control effectiveness metrics
  5. Resource gap identification
  6. Audit finding summaries
  7. Risk register updates
  8. Compliance status dashboards
  9. Strategic improvement suggestions
  10. Budget justification inputs
  11. Stakeholder communication rhythm
  12. Year-over-year comparison
Module 9. Continuous Improvement Cycles
Integrate ISO 27001 maintenance into ongoing operations.
12 chapters in this module
  1. PDCA model application
  2. Finding root causes
  3. CAPA workflow design
  4. Lessons learned documentation
  5. Control tuning over time
  6. Updating risk assessments
  7. Revising SoA as systems change
  8. Version control for policies
  9. Stakeholder feedback loops
  10. Benchmarking against peers
  11. Improvement tracking dashboard
  12. Annual review triggers
Module 10. Cross-Functional Alignment
Collaborate effectively with security, compliance, and operations teams.
12 chapters in this module
  1. Speaking the language of compliance
  2. Negotiating control ownership
  3. Escalation path clarity
  4. Joint review sessions
  5. Conflict resolution in control disputes
  6. Building trust with auditors
  7. Influencing without authority
  8. Creating shared goals
  9. Stakeholder influence mapping
  10. Presenting technical issues to non-tech leads
  11. Aligning sprint goals with audit timelines
  12. Coordinating across time zones
Module 11. Extension to Other Frameworks
Leverage ISO 27001 mastery to support other compliance needs.
12 chapters in this module
  1. Mapping to ISO 27701 for privacy
  2. CSA STAR alignment
  3. NIST CSF crosswalk
  4. SOC 2 Type II support
  5. GDPR intersections
  6. CCPA implications
  7. Industry-specific extensions
  8. Cloud provider compliance
  9. Vendor audit readiness
  10. Mergers and acquisitions
  11. Third-party assurance
  12. Global harmonization
Module 12. Sustaining the ISMS
Ensure long-term success of the information security management system.
12 chapters in this module
  1. Leadership engagement strategies
  2. Staff awareness programs
  3. Training plan development
  4. Policy communication
  5. Cultural adoption metrics
  6. Succession planning
  7. Documentation resilience
  8. Onboarding new members
  9. Handling leadership changes
  10. Budget advocacy
  11. External certification path
  12. Maintenance roadmap

How this maps to your situation

  • Preparing for first internal audit
  • Expanding governance responsibility
  • Leading compliance in agile environments
  • Reducing rework between delivery and compliance

Before vs. after

Before
Compliance tasks feel separate from delivery work, requiring rework and external dependencies.
After
You lead control implementation natively within your delivery cycle, expanding your role and influence.

What's included with your purchase

  • 12 modules with 12 chapters each (144 chapters)
  • Downloadable templates and worked examples for every module
  • Hand-built implementation playbook delivered alongside course access
  • 30-day money-back guarantee

Delivery and format

  • Course and learning environment access provisioned within 24 hours of purchase
  • Hand-built implementation playbook delivered alongside course access

Format: Text-based modules and chapters in the Art of Service learning environment, plus downloadable templates and worked examples for every chapter, plus the hand-built implementation playbook delivered alongside course access.

Time investment: Approximately 3 hours per module, designed to be completed in parallel with ongoing work.

If nothing changes
Continuing with fragmented compliance efforts risks redundant work, missed recognition, and lost opportunities to lead broader governance initiatives.

How this compares to the alternatives

Unlike generic compliance courses, this program is tailored to ServiceNow practitioners operating in agile environments, focusing on practical, actionable outputs rather than theoretical overviews.

Frequently asked

Is this course about ServiceNow configuration?
No. It focuses on applying ISO 27001 governance principles within environments using ServiceNow, without teaching the platform itself.
How is the course structured?
12 modules, each containing 12 chapters (144 chapters total).
Will this help me pass an audit?
Yes. You’ll learn how to produce audit-ready documentation and evidence as part of your normal workflow.
$199 one-time. Approximately 3 hours per module, designed to be completed in parallel with ongoing work..

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

30-day money-back guarantee· 144 chapters· Hand-built playbook included· Account access within 24 hours