ISO/IEC 27005 Risk Manager

The training will help you to properly align an organization's Information Security Management System with the Information Security Risk Management process. Also, by obtaining the PECB Certified ISO/IEC 27005 credential, you will be able to help organizations continually improve an information security risk management process that leads the organization towards achieving its objectives.

Benefits of ISO/IEC 27005 Information Security Risk Management

An ISO/IEC 27005 certificate will prove that you have:

  • Gained the necessary skills to support an effective implementation of an information security risk management process in an organization.
  • Acquired the expertise to responsibly manage an information security risk management process and ensure conformity with legal and regulatory requirements.
  • The ability to manage an information security and risk management team.
  • The ability to support an organization in aligning its ISMS objectives with ISRM process objectives.

Educational Approach

  • This training is based on both theory and best practices used in Information Security Risk Management
  • Lecture sessions are illustrated with examples based on case studies
  • Practical exercises are based on a case study which includes role playing and discussions
  • Practice tests are similar to the Certification Exam

Learning Objectives

  • Acknowledge the correlation between Information Security risk management and security controls
  • Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence to effectively advise organizations in Information Security Risk Management best practices

Pre-Requisites

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

Course Content

Day 1 – Information Security controls as recommended by ISO/IEC 27002

  • Course objectives and structure
  • Concepts and definitions of risk
  • Standard and regulatory framework
  • Implementing a risk management programme
  • Understanding the organization and its context

Day 2 – Implementation of a risk management process based on ISO/IEC 27005

  • Risk identification
  • Risk analysis and risk evaluation
  • Risk assessment with a quantitative method
  • Risk treatment
  • Risk acceptance and residual risk management
  • Information Security Risk Communication and Consultation
  • Risk monitoring and review

Day 3 – Overview of other Information Security risk assessment methods and Certification Exam

  • OCTAVE Method
  • MEHARI Method
  • EBIOS Method
  • Harmonized Threat and Risk Assessment (TRA) Method

Exams & Certification

The exam is on the last day of the course. Once you have passed your exam you can apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential.
