COURSE OBJECTIVE:
• Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005
• Acknowledge the correlation between Information Security risk management and security controls
• Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
• Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices
• Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program
TARGET AUDIENCE:
• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers
COURSE PREREQUISITES:
A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.
COURSE CONTENT:
• Day 1: Introduction to ISO/IEC 27005, concepts and implementation of a risk management program
• Day 2: Risk identification, evaluation, and treatment as specified in ISO/IEC 27005
• Day 3: Information Security risk acceptance, communication, consultation, monitoring and review
• Day 4: Risk assessment methodologies
• Day 5: Certification Exam
FOLLOW-ON COURSES:
Not available. Please contact.