25,000+ Courses Nationwide
0345 4506120

Managing Cyber Security Risk - IBITGQ

The world's first accredited cyber security management course.

Modern organisations face the constant threat of cyber attack. Creating an effective cyber risk strategy to mitigate the risk of cyber crime is the only way to ensure your survival, but cyber security management can be complex and costly. With so many standards, best practices and technical controls to choose from, how do you get started on your plan?

The three-day Managing Cyber Security Risk classroom training course builds on basic foundation-level knowledge of information security management practices to equip practitioners with the expertise to manage cyber security risk and meet compliance objectives in organisations of any size. It also supports professional development: delegates who pass the included exam are awarded the ISO 17024-accredited Managing Cyber Security Risk (CCRMP) qualification by IBITGQ.

Drawing on real-life case studies, an experienced senior information risk consultant will provide you with insights to enable you to create a blueprint for a plan that not only includes the implementation of technical measures (controls) but also takes into account the people, processes, governance, leadership and culture in your organisation.

Who should attend this course?

  • Senior directors (CEO, CIO, CSO) responsible for strategic and business planning.    
  • IT and information security managers responsible for cyber security.    
  • ISO 27001 Lead Implementers and Lead Auditors.    
  • PCI QSAs and other PCI DSS practitioners.
  • Professionals who hold CISA, CISM, CISSP, CRISC or CISMP certifications, and who wish to apply their current knowledge to the broader context of cyber security.    
  • Risk and compliance managers or consultants who require an understanding of cyber security risk management outcomes and processes.    
  • Information security practitioners who want to develop a cyber security career.

Select specific date to see price, venue and full details.

Learning Objectives

  • The nature of cyber risk and types of cyber attack.
  • The difference between cyber security  and cyber resilience.
  • Practical lessons with examples of real cyber breaches.
  • An understanding of current cyber security  standards and best practices:    
    • PAS 555
    • 10 Steps to Cyber Security
    • 20 Critical Controls for Cyber Defence
    • Cyber Essentials scheme
    • ISO 27001 and integrated management systems
    • Links to other standards, including ISO 20000
    • Other frameworks, such as NIST, COBIT 5, the PCI DSS and RESILIA
  • The role and the importance of people, processes  and technology.
  • Approaches to risk management, cyber incident response  and business continuity.
  • How ISO 27001 provides a backbone for protecting your organisation.
  • Why ISO 22301 is essential to achieving cyber resilience in the event of an attack.

And, because it’s important to prove that your plan is working:

  • How to demonstrate cyber security  assurance to stakeholders including your board, staff, partners  and customers.

The course also includes a case study workshop that explores tackling cyber security within a fast-growing international organisation.


While there are no formal entry requirements, all delegates are expected to have a practical understanding of information security.

Course Content

Day 1

  • Cyber risk – geo-political, legal and business context
  • Governance response
  • Cyber risk management
  • Threat landscape and threat intelligence


Day 2

  • Standards and frameworks
  • Standards and cyber security maturity
  •     (includes Cyber Essentials, 10 Steps to Cyber Security and 20 Critical Controls for Cyber Defence)    
  • Cyber security programmes and PAS 555


Day 3

  • Group case study exercise
  • Examination

Exams & Certification

Gain the Managing Cyber Security Risk (CCRMP) qualification

This course will prepare you for the examination, which takes place on the last day of the training programme. Successful candidates will be awarded the Managing Cyber Security Risk (CCRMP) qualification, issued by the International Board for IT Governance Qualifications (IBITGQ). There is no extra charge for taking the exam at the end of the course.

This course also qualifies for 21 CPD/CPE credits.


Exam results and certificates

  • Where exams are taken online (either remotely or by computer in the classroom), provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within 10 working days from the date of the exam.
  • Where exams are done in paper form, we aim to make confirmed exam results available within 10 working days from the date of the exam.
  • For both online and paper exams, certificates for those who have achieved a passing grade will be issued within 10 working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.


Related Courses

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


We work with the best