This one day course allows the participants tofamiliarize themselves with the fundamentals of risk management related toinformation security using the standard ISO/IEC 27005:2011 as a referenceframework. Participants will see different parts of a risk management programand the implementation stages of an optimal risk assessment. It should be notedthat this course fits perfectly into the framework of a process ofimplementation of ISO 27001

•To understand the basics of the implementation, management and maintenance of an ongoing risk management program 

To introduce the concepts, approaches, standards, methods and techniques allowing an effective management of risk

To interpret the requirements of ISO 27001 on information security risk management

To understand the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization

Course Agenda

•Concepts and definitions related to risk management

Standards, frameworks and methodologies in risk management

Implement a risk management program

Risk identification and risk analysis

Risk evaluation and risk treatment

Acceptance of risk and management of residual risks

Communicating, monitoring and controlling risk

Prerequisites

None

Exam and certification

Not applicable 

General information

•A student manual containing over 100 pages of information and practical examples are given to the participants

A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants

Taken from PECB <https://pecb.com

        IT professionalswishing to obtain a comprehensive understanding of risk management within anorganization