This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.
1. Introduction to risk management
2. Risk assessment methodologies
3. The ISO 27005 information security risk management framework and process model
4. Classification and identification of information assets
5. Definition of threats to information assets
6. Identification of the vulnerabilities these threats might exploit
7. Risk analysis: risk scoring using scales and simple calculations
8. An introduction to risk analysis tools
9. Risk evaluation and acceptance strategies
10. Risk treatment and the selection of mitigating control measures
11. Review and continual improvement of risk assessment and management
12. Risk communications and consultation
13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS
I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!.
Depth and breadth of the course. Trainer was excellent also.
Trainer's vast knowledge
Martin was very knowledgeable and gave really good tips; he allowed plenty of time for discussion and allowing us to ask questions. It was really well delivered, even virtually which sometimes is a difficult medium to work with.
Total Courses 7