ISLF Work Groups & Processes for ISO 27001 Certification Training and More

Work Groups @ ISLF

Beginning in 2023, the Information Security Leadership Forum will be launching an initiative to begin hosting Work Groups on various topical areas of professional practice in the field of Information Security. 


The objective of ISLF work groups is to establish and arrive at a consensus on new professional practice model and methodologies, as well as updating of existing one. These will form the basis of new official study guides and associated certification training courses available through the Forum.

The Process

Stage 1 - Base Development

The Forum's strategic training partner company, the Center for Information Management and Assurance, independently builds a topical development model, which includes prerequisites, the development process, operational execution models, and identification of linked processes. To complement this, an edition one (1) narrative e-Book is prepared and published as the Forum's Common Body of Knolwedge, and will serve as the official study guide for the respective certification course.

an oval shaped window with five sillouettes of business professional standing in the background

Stage 2 - Work Group Formation

Work Groups are formed based on volunteer requests and direct solicitations from the Forum's leadership. Individual chosen, must be able to demonstrate expertise in the topical area of the Work Group. To ensure a managable volume of participants, Work Groups are typically formed with 12 - 20 practitioners.

Stage 3 - Review & Expansion

During stage 3 activity, the Work Group will:

  • review process flow charts, challenge void or oversights, identify misdirected flows, etc.;
  • review edition one narrative documents and identify areas for improvement;
  • review supporting tools such as forms, charts, spreadsheets, etc. for quality, appropriateness, etc.; and
  • in a team approach, take ownership over a section of the material and contribute 10 - 15 pages of expended or new content required for consumption by new or existing practioners.

Stage 4 - Editorial Review

During stage 4, our designated editor(s) will perform a professional editorial review of the documentation as part of the publication quality assurance review.

Stage 5 - Post Editorial Review Validation

To ensure a team's work product(s) is not altered during the editorial process in a way that may change the meaning or quality of its content, members of a Work Group will do a final review during stage 5.

a man in business attire pulling open his shirt to reveal a super hero uniform

Stage 6 -Publication

As part of the final stage of the process, the work product is official published by the Forum, and made accessible through the website.

What's in it For Me?

Many people contribute to community efforts for many reasons, which could include among other things:

  • an opportunity to give back to the community, for the successful and rewarding life your career has given you
  • to help others learn important new skills necessary to work in the industry
  • to improve professional practices
  • help the industry evolve and be equipped with better tools
  • add social contributions to your resume
  • get cited as a contributing author to the published work


The Forum's Work Groups will be an evolving public disclosure area, and be updated as time passes. The current forcast is:

Group Name

Start Date


ISO 27001 Common Body of Knowledge

March 2023

In Stage 1

Information Security Risk Management

March 2023

In Stage 0

Information Security Metrics

May 2023

In Stage 0

Information Security Governance

June 2023

In Stage 0

Information Security Awareness & Training

September 2023

In Stage 0