ISO/IEC 27005:2011 Information Security Management System (ISMS) Risk Management Course
Organizations of all types are concerned by threats that could compromise their information security. These threats may take any form from identity theft; risks of doing business on-line all the way to theft of equipment or documents which could have a direct impact on businesses, with possible financial loss or damage, loss of essential network services etc.. This course will help you to understand the information security risks you face while implementing and operating an Information Security Management System.
The objective of this course is to provide delegates with the specific guidance and advice to support the implementation of requirements defined in ISO/IEC 27001 that relate to risk management processes and associated activities. The course will provide delegates with a Risk Management framework for development and operation.
Who should attend?
- Staff tasked with the implementation and management of a ISO/IEC 27001 Information security management system
- Information Security Managers
- Risk managers
- Information security consultants
What will I learn?
- Description of information security risk assessment
- Information security risk management process overview
- Information security risk assessment approaches
- Asset Identification and valuation
- Impact assessment
- Risk identification
- Risk analysis
- Threats Identification and ranking
- Vulnerabilities methods for vulnerability assessment
- Risk estimation
- Risk evaluation
- Basic Risk Criteria
- Risk Evaluation Criteria
- Risk Impact Criteria
- Risk Acceptance Criteria
- Risk treatment
- Risk reduction
- Risk retention
- Risk avoidance
- Risk transfer
- Monitoring and review of risk factors
- Risk management monitoring, reviewing and Improving
What are the benefits?
Both the objective and result of the course will be to assist the implementation of information security based on a risk management approach under the expert tutelage and guidance of a BSI tutor. Take the knowledge and skills imparted during this exercise and use them to improve and protect your business.
Participants who successfully complete the course will be issued a certificate by BSI