Course Outline
1. Introduction to risk management
2. Risk assessment methodologies
3. The ISO 27005 information security risk management framework and process model
4. Classification and identification of information assets
5. Definition of threats to information assets
6. Identification of the vulnerabilities these threats might exploit
7. Risk analysis: risk scoring using scales and simple calculations
8. An introduction to risk analysis tools
9. Risk evaluation and acceptance strategies
10. Risk treatment and the selection of mitigating control measures
11. Review and continual improvement of risk assessment and management
12. Risk communications and consultation
13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS
Testimonials
I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!.
Andreas Rhein
The delivery
- Department for Communities
Depth and breadth of the course. Trainer was excellent also.
- Department for Communities
Examples provided
- Department for Communities
Trainer's vast knowledge
FUJITSU TECHNOLOGY SOLUTIONS SP. Z O.O.
Martin was very knowledgeable and gave really good tips; he allowed plenty of time for discussion and allowing us to ask questions. It was really well delivered, even virtually which sometimes is a difficult medium to work with.