- Provides the knowledge and skills required to undertake ISO27001-compliant information security risk management based on the best practice requirements outlined in ISO27005.
The ISO/IEC 27005:2011 standard provides guidance and support for the risk management approach specified by ISO 27001. The three-day ISO27005 Certified ISMS Risk Management classroom course is designed to provide delegates with the knowledge and skills required to fully implement an effective ISO27001-compliant risk management programme. The course takes you through the key activities of the ISO 27005 risk management process, helps you understand an effective risk management programme using practical examples, and demonstrates our unique vsRisk information security risk assessment software.
What will you learn?
- The role and importance of risk management in an organisation.
- Why risk management is the core competence of information security management.
- Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
- How ISO 27005 is related to the ISO 31000:2009 risk management standard.
- How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
- ‘Hands-on’ practical experience in carrying out an effective risk management programme as defined by ISO/IEC 27005:2011.
- The key information security risk management processes, including context establishment, risk assessment, risk treatment and monitoring/review.
- The competence to advise third-party organisations on information security risk management.