BCS ISEB Certificate in Information Risk Management (CIRM)

About the course

CIRM Training
Overview
This course covers the BCS/ISEB Practitioner Certificate in Information Risk Management for Information systems and closely follows the approaches recommended in the ISO 27001 and ISO 27005 Standards.

The course will enable delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination which is taken on the last afternoon of the course.

Prerequisites
Candidates should ideally have at least 2 years’ experience in information security and risk management. An understanding of information security Standards such as ISO 27001, ISO 27002 and ISO 27005 would be beneficial, as would attendance on the Certificate in Information Security Management Principles course (or similar). If delegates are uncertain about whether they meet the course prerequisites, they should contact the Training Manager at URM.

Delegates will learn how to
Conduct a risk analysis including business impact analyses and vulnerability assessments
Explain how the management of information risk will bring about business benefits
Explain and make full use of information risk management terminology
Explain the importance of control selection and risk treatment
Evaluate risks and present the results in a way which will form the basis of a risk treatment plan

Course Outline
Concepts & importance of information risk management

The need for risk management
The context of risk in the business
Review of information security fundamentals
The use of international information risk management standards, e.g. ISO/IEC 27001, ISO 27005

The information risk management environment

Developing an information risk management strategy
Information risk assessment, risk treatment and risk management
Assets
Information risk management terminology

Stages of information risk management

Setting the scope
Business impact analyses
Threats, vulnerabilities and likelihood assessments
Risk determination
Risk management controls
Action and implementation

Information risk management methodologies
Reporting and presentation
Decision making
Risk treatment
Risk monitoring

Information classification schemes

Classification process
Classification issues
Typical classification schemes

Practical exercises

Why conduct a risk assessment?
Scoping a risk assessment
Conducting a Business Impact Analysis
Vulnerability and threat identification
Categorisation of threats
Assessing threat likelihood
Assessing vulnerability of assets to threats
Risk calculation
Produce recommendations for risk treatment
Producing a report for management
Different risk appetites
Producing a risk treatment plan
Risks in Outsourcing

After taking the course, delegates will be able to sit a formal 3-hour examination set by BCS ISEB. The examination will comprise:

Section 1:

10 multiple choice questions

6 short answer questions

Section 2:

3 scenario-based, essay-style questions.

Students will need to obtain a pass mark of at least 65% in Section 1 and an overall pass mark of 65% or more to pass the examination.

This course covers the BCS/ISEB Practitioner Certificate in Information Risk Management for Information systems and closely follows the approaches recommended in the ISO/IEC 27001 and BS 7799-3 Standards.

Cost: £1795 + VAT

CIRM training is available in Inverness, Aberdeen, Glasgow, Edinburgh, Dundee, Dunfermline and at other sites throughout the UK, including onsite closed company courses.

CIRM training is also available in Saudi Arabia, Bahrain, Kuwait, Qatar, Abu Dhabi, Dubai, India, Ghana and Nigeria.

Start date: No fixed date
Location / delivery: Online
