Building up information security according to ISO 27005
INTRODUCTION
This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.
COURSE OBJECTIVES
By the end of the course, you will be able to:
- Define risk management best practices tailored for information security
- Learn how to conform to the standards of an Information Security Management System (ISMS), as required by ISO/IEC 27001
- Identify and assess cyber security risk
- Understand risk likelihood and the consequences for the business
- Establish a priority order for risk treatment
- Create an effective risk treatment
COURSE AUDIENCE
This course is made for:
- ISO 27005 is applicable to all organizations, regardless of size or sector
- The course supports the general concepts specified in ISO 27001
- The course is designed to assist the satisfactory implementation of information security based on a risk management approach
COURSE OUTLINE
Day One
- Introduction to risk management
- Risk assessment methodologies
Day Two
- The ISO 27005 information security risk management framework and process model
- Classification and identification of information assets
- Definition of threats to information assets
Day Three
- Identification of the vulnerabilities these threats might exploit
- Risk analysis: risk scoring using scales and simple calculations
Day Four
- An introduction to risk analysis tools
- Risk evaluation and acceptance strategies
- Risk treatment and the selection of mitigating control measures
Day Five
- Review and continual improvement of risk assessment and management
- Risk communications and consultation
- Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS