ISO 27005 Certified Risk Manager

Target Audience

• Persons responsible for risk management within an organisation
• Persons responsible for information security or compliance within an organisation
• Members of the information security team
• Expert advisors in IT
• Staff of organisations implementing or seeking to comply with ISO/IEC 27001:2005

The ISO 27005 “Certified Risk Manager” training enables participants to master the basic elements of information security risk management, using the ISO/IEC 27005:2008 standard as the reference framework. Through practical exercises and case studies, participants learn to perform an optimal risk evaluation and to manage risks over time by understanding their life cycle. This training also fits naturally within an ISO 27001 implementation process.

General Information

• A copy of the ISO/IEC 27005:2008 standard is distributed to the participants for the duration of the training
• A student manual containing over 150 pages of information and practical examples will be distributed to the participants
• A 14 CPE (continuing professional education) participation certificate will be issued to the participants

Learning Objectives

At the end of this course, students should be able to:
• Implement, manage and maintain a risk management program
• Introduce the concepts, approaches, standards, methods and techniques that enable effective risk management
• Understand the relationship between the ISMS (including risk management), the security controls and compliance with the requirements of an organisation's various stakeholders
• Effectively advise organisations on best practices in risk management
• Interpret the requirements of ISO/IEC 27001:2005 on risk management

Pre-Requisites

None


Course Summary

1: Introduction to risk management according to ISO 27005
1.1: Concepts and definitions related to risk management
1.2: Standards, frameworks and methodologies in risk management
1.3: Implement a risk management program
1.4: Risk analysis (identification and estimation)

2: Risk management and risk treatment according to ISO 27005
2.1: Risk Assessment
2.2: Risk Treatment
2.3: Acceptance of risk and management of residual risks
2.4: Risk communication
2.5: Monitoring and controlling risk

Examinations

“ISO/IEC 27005:2008 Certified Risk Manager” (2 hours)

Exam administered by PECB