About the course
Ensure your organisation achieves and maintains ISO 27001 best practice and compliance.
Learn the process of conducting an effective information security risk assessment through practical risk management methodologies as promoted by ISO 27005. Presented by an ISO 27001 practitioner offering real-world expertise and insights.
The three-day ISO27005 Certified ISMS Risk Management classroom course is designed to provide delegates with the knowledge and skills required to fully implement an effective ISO27001-compliant risk management programme.
Using a combination of formal training, practical exercises and relevant case studies, an experienced ISO 27001 trainer and consultant will:
- Take you through the key activities of the ISO 27005 risk management process.
- Help you understand an effective risk management programme using practical examples.
- Demonstrate our unique vsRisk information security risk assessment software.
This course also supports professional development: delegates who pass the included exam are awarded the ISO 17024-accredited ISO27005 Certified ISMS Risk Management (CIS RM) qualification by IBITGQ.
What will you learn?
- The role and importance of risk management in an organisation.
- Why risk management is the core competence of information security management.
- Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
- How ISO 27005 is related to the ISO 31000:2009 risk management standard.
- How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
- ‘Hands-on’ practical experience in carrying out an effective risk management programme as defined by ISO/IEC 27005:2011.
- The key information security risk management processes, including context establishment, risk assessment, risk treatment and monitoring/review.
- The competence to advise third-party organisations on information security risk management.
ISO27005 Certified ISMS Risk Manager (CIS RM) examination
Delegates sit the ISO27005 Certified ISMS Risk Management (CIS RM) examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-accredited exam set by IBITGQ.
There is no extra charge for taking the exam at the end of the course.
Who should attend this course?
- Information security managers responsible for ISO 27001 implementation and maintenance.
- Delegates who have attended the ISO27001 Certified ISMS Lead Implementer course and want to further develop their practical risk management skills.
- Risk managers who need to understand information security risk management processes.
- ISO 27001 consultants who want to advise clients on implementing information security risk management.
While there are no formal entry requirements, we assume that all delegates have knowledge of best practice as defined in the ISO 27002 and ISO 27005 standards. This could be acquired by purchasing and reading these standards, or by attending our ISO27001 Certified ISMS Foundation and/or Lead Implementer training courses.