Course Outline

Day 1 Introduction to ISO 27005, concepts and implementation of a risk management programme

  • Section 01: Course objectives and structure
  • Section 02: Standard and regulatory framework
  • Section 03: Concepts and definitions of risk
  • Section 04: Implementing a risk management programme
  • Section 05: Context establishment

Day 2 Risk identification, evaluation, and treatment as specified in ISO 27005

  • Section 06: Risk Identification
  • Section 07: Risk Analysis
  • Section 08: Risk Evaluation
  • Section 09: Risk Assessment with a quantitative method
  • Section 10: Risk Treatment

Day 3 Information Security Risk Acceptance, Communication, Consultation, Monitoring and Review

  • Section 11: Information security risk acceptance
  • Section 12: Information security risk communication and consultation
  • Section 13: Information security risk monitoring and review

Day 4 Risk Assessment Methodologies

  • Section 14: OCTAVE Method
  • Section 15: MEHARI Method
  • Section 16: EBIOS Method
  • Section 17: Harmonized Threat and Risk Assessment (TRA) Method
  • Section 18: Applying for certification and closing the training

Day 5 Certification Exam

Requirements

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

  35 Hours
 

Related Courses

ISO/IEC 27005 Introduction

  7 Hours

ISO/IEC 27005 Foundation

  14 Hours

ISO 9001 Foundation

  14 Hours

ISO 9001 Lead Implementer

  35 Hours

ISO 9001 Lead Auditor

  35 Hours

ISO 22301 Lead Implementer

  35 Hours

ISO 22301 Lead Auditor

  35 Hours

ISO 22316 Foundation

  14 Hours

ISO 27002 Lead Manager

  35 Hours

ISO 27799 Foundation

  14 Hours

ISO/IEC 27035 Introduction

  7 Hours
