The ISO/IEC 27005 Risk Manager training provides valuable information on risk management concepts and principles outlined by ISO/IEC 27005 and ISO 31000.
The course provides participants with the necessary knowledge and skills to identify, evaluate, analyse, treat, and communicate risks based on ISO/IEC 27005. It also provides an overview of other best risk assessment methods, such as:
- OCTAVE
- MEHARI
- EBIOS
- NIST
- CRAMM; and
- Harmonized TRA.
COURSE OUTLINES
Day 1: Introduction to ISO/IEC 27005 and risk management
- Training course objectives and structure
- Standards and regulatory frameworks
- Fundamental concepts and principles of information security risk management
- Risk management program
- Context establishment
Day 2: Risk assessment, treatment, acceptance, and risk communication and consultation based on ISO/IEC 27005
- Risk identification
- Risk analysis
- Risk evaluation
- Risk treatment
- Information security risk acceptance
- Information security risk communication and consultation
Day 3: Risk monitoring, review, and risk assessment methods
- Information security risk monitoring and review
- OCTAVE and MEHARI methodologies
- EBIOS method
- NIST framework
- CRAMM and TRA methods
- Closing of the training course
- Certification Exam (2 Hours)
- Domain 1: Fundamental principles and concepts of information security risk management.
- Domain 2: Implementation of an information security risk management program.
- Domain 3: Information security risk management framework and processes based on ISO/IEC 27005.
- Domain 4: Other information security risk assessment methods.
COURSE DETAILS
- Training material containing over 350 pages of information and practical examples will be distributed.
- In case of exam failure, you can retake the exam within 12 months for free.
- The training course is based on the theory and the best practices of information security.
- The training course provides practical examples and scenarios.
- Participants are encouraged to participate actively in discussions, exercises, and quizzes.
- Quizzes are similar in structure to the certification exam.
- Available in Self-Study and eLearning format. Please specify which option you would prefer when registering.
- This training is based on both theory and best practices used in the implementation and management of information security controls.
- Participants are encouraged to communicate and discuss with each other while partaking in exercises and quizzes.
- The structure of quizzes is similar to that of the certification exam.
PREREQUISITES
A fundamental understanding of ISO 27005 and comprehensive knowledge of risk management.