Course Outline

1. Introduction to risk management

2. Risk assessment methodologies

3. The ISO 27005 information security risk management framework and process model

4. Classification and identification of information assets

5. Definition of threats to information assets

6. Identification of the vulnerabilities these threats might exploit

7. Risk analysis: risk scoring using scales and simple calculations

8. An introduction to risk analysis tools

9. Risk evaluation and acceptance strategies

10. Risk treatment and the selection of mitigating control measures

11. Review and continual improvement of risk assessment and management

12. Risk communications and consultation

13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS

 21 Hours

Number of participants


Price per participant

Testimonials (1)

Related Categories