Who should attend?
Anyone who wants to learn about:
- Identifying and analysing information security risks
- How risks can be evaluated
- What treatments, controls and measures can be implemented in order to mitigate risks
- Ongoing governance and risk monitoring processes
The course is applicable to individuals from any size or type of organization who are currently involved in (or will be in the future) planning, implementing, maintaining, supervising or assessing information security, as part of an ISO/IEC 27001 ISMS or a standalone system.
You should have a basic knowledge of ISO/IEC 27001:2013 and ISO/IEC 27002:2013, as well as an understanding of the key principles of an ISMS.
We also recommend that you have an awareness of generic risk assessments and basic understanding of information security principles and terminology.
Some delegates on this course will have already attended our Information Security Management System (ISMS) Requirements of ISO 27001:2013 or Information Security Management System (ISMS) Implementing ISO/IEC 27001:2013 course.
We also recommend delegates have an understanding of the risk assessment approach currently employed in their organizations, should one exist.