ISO in the Sun: ISO/IEC 27005 Information Security Risk Manager

Tijdsduur
Trainer
Martin Holzke
Logo van ISO in the Sun

Tip: meer info over het programma, prijs, en inschrijven? Download de brochure!

Startdata en plaatsen

Er zijn nog geen startdata bekend voor dit product.

Beschrijving

This three day course provides an overview to the principles of risk management in information security based on ISO/IEC 27005:2018, and how to apply the same across an organisation, eg for the context of certification to ISO/IEC 27001:2013.

Overview

This three day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes related to all assets of relevance for information security based on ISO/IEC 27005:2018.

ISO/IEC 27005:2018 builds onto the generic risk management principles set out in ISO 31000:2018, and applies those to the context of an information security management system (ISMS), thus providing a framework …

Lees de volledige beschrijving

Veelgestelde vragen

Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.

Nog niet gevonden wat je zocht? Bekijk deze onderwerpen: ISO 27005, Risicomanagement, IT Beveiliging / Security, ISO 9001 en ISO/ IEC 20000.

This three day course provides an overview to the principles of risk management in information security based on ISO/IEC 27005:2018, and how to apply the same across an organisation, eg for the context of certification to ISO/IEC 27001:2013.

Overview

This three day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes related to all assets of relevance for information security based on ISO/IEC 27005:2018.

ISO/IEC 27005:2018 builds onto the generic risk management principles set out in ISO 31000:2018, and applies those to the context of an information security management system (ISMS), thus providing a framework for satisfying the risk management requirements of ISO/IEC 27001:2013.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline

Introduction to Information Security Risk Management per ISO/IEC 27005:2018

  • Concepts and Definitions relating to Risk Management
  • Risk Management Standards, Frameworks and Methodologies
  • Implementation of a Risk Management Framework
  • Understanding an Organization and its Context

Elements of the Risk Management Framework

  • Risk Identification
  • Risk Analysis and Risk Evaluation
  • Risk Treatment
  • Risk Acceptance and Residual Risk Management
  • Risk Communication and Consultation
  • Risk Monitoring and Review

Examples of Risk Assessment Methodologies

  • Operational Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)
  • Harmonised Risk Analysis Method (MEHARI)
  • Expression of Needs and Identification of Security Objectives (EBIOS)
  • Harmonized Threat and Risk Assessment (TRA)

Objectives

Completion of this course will enable students to

  • Understand concepts, approaches, methods, tools and techniques for effective information security risk management according to ISO/IEC 27005:2018
  • Understand the relationship between risk management, controls and ISO/IEC 27001:2013
  • Implement, maintain and manage an ongoing
  • information security risk management program
  • Advise organisations on best practices in information security risk management

Audience

This course is aimed at students with (future) roles like

  • Risk managers and Information security officers
  • Project managers, consultants and team members implementing and operating information security management systems
  • Auditors requiring more risk management insight

Prerequisites

General understanding of common business processes.

Some past exposure to risk management and / or management systems helpful, but not required.

Examination and Certification

The course ends with a two hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees.

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions. 

Blijf op de hoogte van nieuwe ervaringen

Er zijn nog geen ervaringen.

Deel je ervaring

Heb je ervaring met deze cursus? Deel je ervaring en help anderen kiezen. Als dank voor de moeite doneert Springest € 1,- aan Stichting Edukans.
Martin Holzke - ISO in the Sun: Continuing Professional Education in beautiful Lanzarote
Martin Holzke
ISO in the Sun: Continuing Professional Education in beautiful Lanzarote

Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.

Download gratis en vrijblijvend de informatiebrochure

Aanhef
(optioneel)
(optioneel)
(optioneel)
(optioneel)
(optioneel)
(optioneel)

Heb je nog vragen?

(optioneel)
We slaan je gegevens op om je via e-mail en evt. telefoon verder te helpen.
Meer info vind je in ons privacybeleid.