Course Outline

1. Introduction to risk management

2. Risk assessment methodologies

3. The ISO 27005 information security risk management framework and process model

4. Classification and identification of information assets

5. Definition of threats to information assets

6. Identification of the vulnerabilities these threats might exploit

7. Risk analysis: risk scoring using scales and simple calculations

8. An introduction to risk analysis tools

9. Risk evaluation and acceptance strategies

10. Risk treatment and the selection of mitigating control measures

11. Review and continual improvement of risk assessment and management

12. Risk communications and consultation

13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS

  21 Hours
 

Testimonials (4)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

CISA - Certified Information Systems Auditor

  28 Hours

Related Categories