CTS

Individual training solutions

+48 12 655 17 36  

ISO 27005

ISO 27005 Foundation

Training name: ISO 27005 Foundation

Duration (in days): 2 days

Description

This course enables participants to learn about the best practices in risk management based on ISO/IEC 27005, and to understand how the different parts of a risk management program and the implementation stages of an optimal risk assessment are conducted.

Objectives

  • To understand risk management approaches in accordance with ISO/IEC 27005
  • To know the concepts, approaches, standards, methods and techniques allowing effective risk management based on ISO/IEC 27005

Audience

  • Members of an information security team
  • IT Professionals wanting to gain a comprehensive knowledge of risk management within an organization
  • Staff involved in the implementation of the ISO/IEC 27005 standard
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks

Prerequisites

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam

Topics

Day 1: Introduction to Risk Management concepts as required by ISO/IEC 27005

  • Introduction to the ISO/IEC 27000 family of standards
  • Introduction to management systems and the process approach
  • Fundamental principles of risk management
  • General requirements: presentation of clauses 4 to 12 of ISO/IEC 27005
  • Implementation phases of the ISO/IEC 27005 framework
  • Continual improvement of risk management
  • Conducting an ISO/IEC 27005 certification audit

Day 2: Identification and assessment of risk management in information security according to ISO/IEC 27005, and Certification Exam

  • Risk identification and evaluation
  • Documentation of a risk management program in an information technology environment
  • Monitoring and reviewing the risk management controls
  • Examples of implementation of risk management controls based on ISO/IEC 27005 best practices
  • The “PECB Certified ISO/IEC 27005 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts of risk management in information security
    • Domain 2: Information Security Risk Management methods

For customers from Poland, prices can be negotiated.

VAT not included. This applies only to customers from Poland.
