Course Overview

Course is designed to expose attendants to the overall risk management process. Focus is on both the data centre infrastructure and the physical data centre facility and equipment

Training DurationTotal Training Hours : 22-24 Hours
Training Duration : 1 Week
Total Training Days : 5 Working Days
Training SchedulesWeekdays (Sunday to Thursday)
Regular Sessions : 6 Hrs Per day (9am to 2pm or 3.00pm to 9.00 pm)
Food & refreshments Included

WeekEnds (Friday & Saturday)
Fast Track Sessions: 8 Hours per day (9am to 5pm)
Food & refreshments Included

1) Certificate from Laurels Training Institute, Attested by Knowledge & Human Development Authority (KHDA) government of Dubai, UAE - With Online Worldwide recognition facility

2) Certificate from American Institute of Professional Studies (AIPS) from USA (After 15 Days of course Completion which will couriered to the attendees office address) - With Online Worldwide recognition facility 

Learning AidsYes
Course MaterialHard & Soft Copies of Study Material
Language of InstructionEnglish
Instructor HelplineYes
1. Email
2. Social Media (For Emergency requirements)
Registration Requirements1. Passport Copy
2. Curriculum Vitae
3. Passport size photographs
4. Course Fee
Mode of Payment:Cash / Cheque / Credit Card / Bank Transfer.
Eligibility Criteria
(Who should attend this training)

The primary audience for this course is an IT, Facilities or Data Centre Operations professional working in and around the data centre (representing both end-customers and/or service provider/facilitators) and having responsibility to achieve and improve hi-availability and manageability of the Data Centre, such as: Data centre managers, Operations / Floor / Facility managers, IT managers, Information security managers, Security professionals, Auditors / Risk Managers / Professionals responsible for IT/corporate governance.

Course Benefits

Understand the different standards and methodologies for risk management and assessment

Establish the required project team for risk management

Perform the risk assessment, identifying current threats, vulnerabilities and the potential impact based on customized threat catalogues

Report on the current risk level of the data center both quantitative and qualitative

Anticipate and minimize potential financial impacts

Understand the options for handling risk

Continuously monitor and review the status of risk present in the data centre

Reduce the frequency and magnitude of incidents

Detect and respond to events when they occur

Meet regulatory and compliance requirements

Support certification processes such as ISO/IEC 27001

Support overall corporate and IT governance
Course Contents / Outline

"Introduction to Risk Management


Risk management concepts

Senior management and risk

Enterprise Risk Management (ERM)

Benefits of risk management

Data Centre Risk and Impact


Risk in facility, power, cooling, fire suppression, infrastructure and IT services

Impact of data centre downtime

Main causes of downtime

Cost factors in downtime

Standards, Guidelines and Methodologies


ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27002:2013

NIST SP 800-30

ISO/IEC 31000:2009



Other methodologies (CRAMM, EBIOS, OCTAVE, etc.)

Risk Management Definitions





Information processing facility

Information security



Risk analysis/Risk assessment/Risk evaluation/

Risk treatment


Types of risk

Risk Assessment Software


The need for software



Risk Management Process


The risk management process

Establishing the context





Communication and consultation

Monitoring and review

Project Approach


Project management principles

Project management methods




Cost estimate methods

Context Establishment


General considerations

Risk evaluation, impact and acceptance criteria

Severity rating of impact

Occurrence rating of probability

Scope and boundaries

Scope constraints

Roles & responsibilities

Training, awareness and competence

Risk Assessment - Identification


The risk assessment process

Identification of assets

Identification of threats

Identification of existing controls

Identification of vulnerabilities

Identification of consequences

Hands-on exercise: Identification of assets, threats, existing controls, vulnerabilities and consequences

Risk Assessment - Analysis and Evaluation


Risk estimation

Risk estimation methodologies

Assessment of consequences

Assessment of incident likelihood

Level of risk estimation

Risk evaluation

Hands-on exercise: Assessment of consequences,

probability and estimating level of risk

Risk Treatment


The risk treatment process steps

Risk Treatment Plan (RTP)

Risk modification

Risk retention

Risk avoidance

Risk sharing

Constraints in risk modification

Control categories

Control examples

Cost-benefit analysis

Control implementation

Residual risk



Effective communication of risk management activities

Benefits and concerns of communication

Risk Monitoring and Review


Ongoing monitoring and review

Criteria for review

Risk scenarios


Risk assessment approach

Data centre site selection

Data centre facility

Cloud computing

UPS scenarios

Force majeure

Organisational shortcomings

Human failure

Technical failure

Deliberate acts"

© Laurels Training Institute 2017. All Rights Reserved.