Information Security Training Program
ISO/IEC 27005 Professional
The ISO/IEC 27005 Professional course offered by Agility Business Services is an advanced-level training program designed to equip participants with a thorough understanding of the ISO/IEC 27005 guidelines. This course delves into the guidelines for establishing, implementing, managing, improving, and evaluating an Information Security Risk Management (ISRM) system.
Course Outline
- Information Security Background
- Risk Management Background
- Information Security Risk
- Information Security Risk Management Process based on ISO 27005 Standard
- Statement of Applicability and Risk Management
- Risk Heat Maps
- Context establishment
- Information Security Risk Management Process Basic Criteria
- Information Security Risk Management Scope and Boundaries
- Defining the Organization's Structure
- Information Security Risk Assessment Approaches
- Identification of Information Security Risks
- Information Security Risk Analysis
- Evaluation of Information Security Risks
- Risk Treatment Options and Techniques for Selecting such Options
- Risk Treatment Plan Development and Residual Risk Evaluation
- Acceptance of Information Security Risks
- Risk Recording and Reporting
- Overview of Risk Communication and Consultation
- Risk Communication and Consultation Phases and Plan
- Risk Communication and Consultation Techniques
- Overview of the Risk Monitoring and Review Process
- Monitoring, Reviewing and Improving the Information Security Risk Management Process
Learning Objectives
- Be familiar with the purpose of an information security risk management process, including basic concepts, principles, and other risk management frameworks.
- Be familiar with the information security risk management process, steps, and activities.
- Identify, assess, and treat the information security risks and perform other related activities.
- Be familiar with the basic analysis and methods used to establish a risk management context, assess and manage information security risks and implement security controls.
- Be able to support the information security risk manager in performing risk management activities.
Target Audience
- Information Security Risk Manager, Team Leader or Technician
- Risk Analyst, Model Risk Specialist, Risk Manager
- Business Owner, COO, CIO, CISO