Course Duration: 3 days | English

A deep dive for Information Risk Managers on effective information security risk assessment through practical risk management methodologies.
  • Learn the process of conducting an effective information security risk assessment through practical risk management methodologies as promoted by ISO 27005. Attendees will develop their understanding of ISO 27005, find out how a risk assessment works and gain experience with hands-on study. Courses are presented by an experienced ISO 27001 practitioner offering real-world expertise and insight.
  • Information security managers responsible for ISO 27001 implementation and maintenance
  • Delegates who have attended the ISO27001 Certified ISMS Lead Implementer course and want to further develop their practical risk management skills
  • Compliance Officers and Risk Managers who need to understand information security risk management processes
  • ISO 27001 consultants who want to advise clients on implementing information security risk management frameworks
  • Delegates sit the ISO27005 Certified ISMS Risk Management (CIS RM) examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ
Day 1
  • The role and importance of risk management in an organisation
  • Why risk management is the core competence of information security management
  • Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology
  • How ISO 27005 is related to the ISO 31000:2009 risk management standard
Day 2
  • How vsRisk™ information security risk assessment software can help you save time and money
  • The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review
  • How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard
Day 3
  • ‘Hands-on’ practical experience in carrying out an effective risk assessment process as defined by ISO/IEC 27005:2011
  • The competence to advise third-party organisations on information security risk management