Course Outline

Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management programme

  • Course objectives and structure
  • Standard and regulatory framework
  • Concepts and definitions of risk
  • Risk management programme
  • Context establishment

Day 2: Information security risk assessment, risk treatment and acceptance as specified in ISO/IEC 27005

  • Risk identification
  • Risk analysis
  • Risk evaluation
  • Risk assessment with a quantitative method
  • Risk treatment
  • Information security risk acceptance

Day 3: Risk communication, consultation, monitoring, review and risk assessment methods

  • OCTAVE method
  • MEHARI method
  • EBIOS method
  • Harmonized Threat and Risk Assessment (TRA) method
  • Applying for certification and closing the training

Requirements

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

  21 Hours
 
