|COURSE : CERTIFIED ISO 27005 PROFESSIONAL|
Learn the process of conducting an effective information security risk assessment through practical risk management methodologies as promoted by ISO 27005. Presented by an ISO 27001 practitioner offering real-world expertise and insights.
|Training Duration||Total Training Hours : 30 Hours |
Training Duration : 1 Week
Total Training Days : 5 Working Days
|Training Schedules||Weekdays (Sunday to Thursday)|
Regular Sessions : 6 Hrs Per day (9am to 2pm or 3.00pm to 9.00 pm)
Food & refreshments Included
Weekends (Friday & Saturday)
Fast Track Sessions: 8 Hours per day (9am to 5pm)
Food & refreshments Included
1) Certificate from Laurels Training Institute, attested by the Knowledge & Human Development Authority (KHDA), Government of Dubai, UAE - With Online Worldwide recognition facility
2) Certificate from the American Institute of Professional Studies (AIPS), USA (after 15 days of course completion, which will be couriered to the attendee's office address) - With Online Worldwide recognition facility
|Course Material||Hard & Soft Copies of Study Material|
|Language of Instruction||English|
|Instructor Helpline||Yes |
2. Social Media (For Emergency requirements)
|Registration Requirements||1. Passport Copy|
2. Curriculum Vitae
3. Passport size photographs
4. Course Fee
|Mode of Payment:||Cash / Cheque / Credit Card / Bank Transfer.|
(Who should attend this training)
|This course is intended for managers and prospective implementers of risk management, and for stakeholders in such efforts.|
The role and importance of risk management in an organisation.
Why risk management is the core competence of information security management.
Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
How ISO 27005 is related to the ISO 31000:2009 risk management standard.
How vsRisk™ information security risk assessment software can help you save time and money.
How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
‘Hands-on’ practical experience in carrying out an effective risk assessment process as defined by ISO/IEC 27005:2011.
The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.
The competence to advise third-party organisations on information security risk management.
|Course Contents / Outline|
Introduction, Risk Management Program according to ISO/IEC 27005
Concepts and definitions related to risk management
Risk management standards, frameworks and methodologies
Implementation of an information security risk management program
Understanding of an organisation and its context
Risk Identification and Assessment, Risk Evaluation, Treatment, Acceptance, Communication and Surveillance according to ISO/IEC 27005
Risk analysis and risk evaluation
Risk assessment with a quantitative method
Risk acceptance and residual risk management
Information security risk communication and consultation
Risk monitoring and review
Day 3: Overview of other Information Security Risk Assessment Methods and Certification Exam
Presentation of OCTAVE method
Presentation of MEHARI method
Presentation of EBIOS method
Presentation of Harmonized TRA method
Certification exam which covers the following domains:
Domain 1: Fundamental concepts, approaches, methods and techniques of information security risk management
Domain 2: Implementation of an information security risk management program
Domain 3: Information security risk assessment based on ISO/IEC 27005