COURSE OBJECTIVE:
• Acknowledge the correlation between Information Security risk management and security controls
• Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005
• Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
• Acquire the competence to effectively advise organizations in Information Security Risk Management best practices
TARGET AUDIENCE:
• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers
COURSE PREREQUISITES:
• A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.
COURSE CONTENT:
• Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management programme
• Day 2: Information security risk assessment, risk treatment and acceptance as specified in ISO/IEC 27005
• Day 3: Risk communication, consultation, monitoring, review and risk assessment methods
FOLLOW-ON COURSES:
Not available. Please contact.