Course Outline

Day 1 Introduction to ISO 27005, concepts and implementation of a risk management program

  • Section 01: Course objectives and structure
  • Section 02: Standard and regulatory framework
  • Section 03: Concepts and definitions of risk
  • Section 04: Implementing a risk management programme
  • Section 05: Context establishment

Day 2 Risk identification, evaluation, and treatment as specified in ISO 27005

  • Section 06: Risk Identification
  • Section 07: Risk Analysis
  • Section 08: Risk Evaluation
  • Section 09: Risk Assessment with a quantitative method
  • Section 10: Risk Treatment

Day 3 Information Security Risk Acceptance, Communication, Consultation, Monitoring and Review

  • Section 11: Information security risk acceptance
  • Section 12: Information security risk communication and consultation
  • Section 13: Information security risk monitoring and review

Day 4 Risk Assessment Methodologies

  • Section 14: OCTAVE Method
  • Section 15: MEHARI Method
  • Section 16: EBIOS Method
  • Section 17: Harmonized Threat and Risk Assessment (TRA) Method
  • Section 18: Applying for certification and closing the training

Day 5 Certification Exam

Requirements

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

  35 Hours
 

Testimonials (3)

Related Courses

ISO/IEC 27005 Introduction

  7 Hours

ISO/IEC 27005 Foundation

  14 Hours

ISO 27002 Lead Manager

  35 Hours

ISO/IEC 27701 Lead Auditor

  35 Hours

ISO/IEC 27001 Lead Implementer

  35 Hours

ISO/IEC 27001 Foundation

  14 Hours

ISO/IEC 27002 Introduction

  7 Hours

ISO/IEC 27001 Lead Auditor

  35 Hours

Related Categories