การบริหารความเสี่ยงด้านความปลอดภัยของข้อมูล ISO/IEC 27005: 2018

With the increasing number of internal and external information security threats, organizations recognize the importance of adopting a formal risk management programme. Without a mechanism to identify, analyse and manage information security risks, it’s difficult for organizations to prioritize their security remediation efforts and resource allocation and associated costs. This leaves organizations more susceptible to security breaches, which can lead to financial and reputational damage.

Building on the concepts and framework specified in ISO/IEC 27001, ISO/IEC 27005:2018 provides guidelines for adopting an information security risk management approach that is appropriate to all organizations.

This course aims to provide you with clear and practical guidance on the framework and steps involved to identify, analyse and manage information security risks. It will help you to review your existing risk treatments and controls and ensure they are appropriate to manage and reduce the identified risks. This will give you the confidence to get the most effective allocation of resources in place to address information security issues for your organization.

ผู้ควรเข้ารับการอบรม

Anyone who wants to learn about:

  • Identifying and analysing information security risks
  • How risks can be evaluated
  • What treatments, controls and measures can be implemented in order to mitigate risks
  • Ongoing governance and risk monitoring processes

เนื้อหาหลักสูตร

By the end of this course delegates will be able to:

  • Explain concepts specific to information risk management, including terms and definitions
  • Recognize typical information security risks faced by organizations
  • Identify typical information security risk management concerns
  • Communicate ISO/IEC 27005:2018 introduction, background, purpose, scope and structure
  • Explain how ISO/IEC 27005:2018 integrates and interfaces with other standards, such as ISO/IEC 27001:2013
  • Implement the topics covered in ISO/IEC 27005:2018 within your organization
  • Determine the value of the information assets under your control
  • Evaluate threats to information assets
  • Identify, analyse and evaluate information security risks
  • Prioritize and choose appropriate risk treatments

ราคานี้รวม

  • ราคานี้รวมค่าเอกสารประกอบการสัมมนา, ค่าแบบฝึกหัด
  • ราคานี้รวมค่าอาหารกลางวัน และคอฟฟี่เบรค จำนวน 2 เบรคแล้ว
  • ราคานี้รวม ราคายังไม่รวม Vat 7% สามารถหัก ณ ที่จ่ายได้
  • ผู้เข้าอบรมจะได้รับใบประกาศนียบัตร เมื่อเข้ารับการอบรมครบตามเกณฑ์ที่กำหนด