Description

The ISO/IEC 27005 Lead Risk Manager training course enables participants to develop the skills needed to help organizations establish, manage and improve an information security risk management program, in line with the guidelines of the ISO/IEC 27005 standard. In addition to exploring the essential activities for implementing such a program, this course also focuses on best practices and methods in information security risk management.

Why take part in this training course?

Risk management is a fundamental element of any information security program. An effective program enables organizations to identify, assess, mitigate and even prevent information security risks.
The ISO/IEC 27005 Lead Risk Manager course provides a structured framework for managing information security risks, in line with the guidelines of ISO/IEC 27005, while supporting the general concepts of ISO/IEC 27001. Participants will also gain an in-depth understanding of other recognized risk management frameworks and methodologies, such as OCTAVE, EBIOS, MEHARI, CRAMM, NIST and the harmonized EMR methodology.
The PECB ISO/IEC 27005 Lead Risk Manager certificate attests that the participant has acquired the skills and knowledge necessary to successfully implement the processes required for an effective information security risk management program. It also demonstrates the holder's ability to help organizations maintain and continually improve their risk management program.
At the end of the course, an examination will be offered. If you pass, you can apply for PECB Certified ISO/IEC 27005 Lead Risk Manager certification. For more information on the examination process, please see the section on examinations, certifications and general information below.

Day 1: Introduction to ISO/IEC 27005 and risk management

  • Overview of current standards and regulations.
  • Exploration of the fundamental concepts and principles of risk management and information security risk management.
  • Implementation of an information security risk management program.
  • Defining the context of risk management.


Day 2: Risk management according to ISO/IEC 27005:2022

  • Identification of potential risks.
  • In-depth risk analysis.
  • Assessment of identified risks.
  • Development of risk management strategies.


Day 3: Risk communication, analysis and reporting

  • Communication strategies for information security risk consultations.
  • Recording and reporting risk information.
  • Monitoring and continuous re-evaluation of risks.


Days 4 & 5: Risk assessment methods

  • Presentation of the OCTAVE and MEHARI methods.
  • Introduction to the EBIOS method.
  • Exploration of the NIST cybersecurity framework.
  • Analysis of CRAMM and TRA methods.
  • Final half-day: the ISO/IEC 27005 Lead Risk Manager certification exam (duration: 3 hours).

Please note: The course material and the PECB ISO/IEC 27005 Lead Risk Manager exam are available in French and English.

This course is designed for:

  • Managers or consultants involved in or responsible for information security in an organization
  • Individuals responsible for information security risk management
  • Members of information security teams, IT professionals and privacy officers
  • Individuals responsible for maintaining compliance with the information security requirements of ISO/IEC 27001 within an organization
  • Project managers, consultants or expert advisors seeking to master information security risk management

Participation in this training course requires a fundamental understanding of the ISO/IEC 27005 standard and in-depth knowledge of risk management and information security.

On completion of this course, you will be able to:

  • Describe the concepts and principles of risk management according to ISO/IEC 27005 and ISO 31000.
  • Establish, maintain and refine an information security risk management framework, in line with ISO/IEC 27005 guidelines.
  • Implement information security risk management processes in accordance with ISO/IEC 27005 recommendations.
  • Organize and execute risk communication and consultation activities.
  • Monitor, evaluate and improve the information security risk management framework and process, taking into account the results of risk management activities.