Course Outline

Day 1 Introduction to ISO 27005, concepts and implementation of a risk management program

  • Section 01: Course objectives and structure
  • Section 02: Standard and regulatory framework
  • Section 03: Concepts and definitions of risk
  • Section 04: Implementing a risk management programme
  • Section 05: Context establishment

Day 2 Risk identification, evaluation, and treatment as specified in ISO 27005

  • Section 06: Risk Identification
  • Section 07: Risk Analysis
  • Section 08: Risk Evaluation
  • Section 09: Risk Assessment with a quantitative method
  • Section 10: Risk Treatment

Day 3 Information Security Risk Acceptance, Communication, Consultation, Monitoring and Review

  • Section 11: Information security risk acceptance
  • Section 12: Information security risk communication and consultation
  • Section 13: Information security risk monitoring and review

Day 4 Risk Assessment Methodologies

  • Section 14: OCTAVE Method
  • Section 15: MEHARI Method
  • Section 16: EBIOS Method
  • Section 17: Harmonized Threat and Risk Assessment (TRA) Method
  • Section 18: Applying for certification and closing the training

Day 5 Certification Exam

Requirements

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

  35 Hours
 

Number of participants


Starts

Ends


Dates are subject to availability and take place between 09:30 and 16:30.
Open Training Courses require 5+ participants.

Testimonials (1)

Related Courses

ISO/IEC 27005 Introduction

  7 Hours

ISO/IEC 27005 Foundation

  14 Hours

Related Categories