With a focus on information security, this course addresses risk management
according to the international ISO/IEC 27005 standard. It introduces the
participant to basic risk management concepts and helps him/her become
familiarized with the overall information security risk assessment and
completing the course, the student will be able to identify the main
information security risks in his/her organization and define mechanisms to
address these risks appropriately.
- To explain the purpose of Risk Management and the processes to evaluate and manage information security risks.
- To understand the ISO 27005 standard as the guidelines for information security risk management.
- To understand the ISO 27005 basic terms and definitions.
- To provide a supporting guide for the implementation of an Information Security Management System based on ISO/IEC 27005.
- To understand the risk assessment and analysis processes.
- To provide guidelines for decision making based on the risk analysis.
This course is aimed at:
- Professionals who want to implement or are currently implementing an Information Security Management System within their organization.
- Professionals who want to improve information security risk management.
- People who need to learn and understand risk assessment and management techniques in the field of information security.
- People involved or playing a role in information security management who require a deeper understanding of the international standard for managing risks.
There are no mandatory prerequisites; however, it is recommended that the
participant holds the Information Security Foundation certificate based on
ISO/IEC 27002 or has knowledge of ISO/IEC 27001:2013.
The course has the following characteristics:
- It is structured in thematic units, with a balance between theory and practice.
- The courseware material includes theory, practical exercises, case studies and complementary content.
- A certificate of course completion is delivered.
- The length is 3 days.
- It requires a minimum of 6 and a maximum of 25 participants.
The course has the following topics:
- Information Security Risk Management Introduction
- Information Security Risk Management Process
- Information Security Risk Management Context Establishment
- Information Security Risk Assessment
- Information Security Risk Treatment
- Information Security Risk Monitoring, Reviewing and Communication
- Review and Evaluation
Advantages offered by Global Lynx
Our instructors are certified in different Risk Management, Information Security, ISO/IEC and ITSM disciplines and have extensive experience in:
- The design and implementation of Information Security Management Systems.
- The design and development of Business Continuity Plans, Disaster Recovery Plans and Business Impact Analysis in public and/or private organizations.
- The selection, implementation and configuration of tools and controls that support Business Continuity Management and Information Security.
- The teaching of several Risk Management, Information Security, Business Continuity, ISO and ITSM training courses in the academic and the professional fields.
The participant receives a high-quality student handout.