Publication date : 03/21/2025
Course : Certified ISO/IEC 27005 Risk Manager, PECB certification
Practical course - 3d
- 21h00 - Ref. RMP
|
Download in PDF format
Share this course by email
 | Explain the concepts and principles of risk management as defined by ISO/IEC 27005 and ISO 31000 |
| Establish, maintain and improve an information security risk management framework |
| Apply information security risk management processes |
| Plan and implement risk communication and consultation activities |
Intended audience
Information security managers, people responsible for maintaining compliance with information security requirements, project managers, expert consultants...
Prerequisites
Be familiar with a best practice guide (ANSSI hygiene, ISO 27002 or equivalent), have completed the introductory cybersecurity course or have equivalent knowledge.
Course schedule
1 Introduction to ISO/IEC 27005 and risk management
- Training objectives and structure.
- Normative and regulatory frameworks.
- Fundamental principles and concepts of information security risk management.
- Risk management program.
- Setting the context.
2 Risk assessment, risk treatment, risk communication and consultation according to ISO/IEC 27005
- Risk identification.
- Risk analysis.
- Risk assessment.
- Risk management.
- Information security risk assessment.
- Communication and consultation on information security risks.
3 Risk recording and reporting, monitoring and review, and risk assessment methods
- Monitoring and review of information security risks.
- OCTAVE and MÉHARI methodologies.
- EBIOS method.
- NIST frame.
- CRAMM and EMR methods.
4 Areas of expertise covered by the exam :
- Area 1: Fundamental principles and concepts of an information security risk management system.
- Area 2: Implementation of an information security risk management program.
- Area 3: Information security risk management framework and ISO/IEC 27005 processes.
- Area 4: Other methods for assessing information security risks
PARTICIPANTS
Information security managers, people responsible for maintaining compliance with information security requirements, project managers, expert consultants...
PREREQUISITES
Be familiar with a best practice guide (ANSSI hygiene, ISO 27002 or equivalent), have completed the introductory cybersecurity course or have equivalent knowledge.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Information security managers, people responsible for maintaining compliance with information security requirements, project managers, expert consultants...
PREREQUISITES
Be familiar with a best practice guide (ANSSI hygiene, ISO 27002 or equivalent), have completed the introductory cybersecurity course or have equivalent knowledge.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Dates and locations
Dernières places
Date garantie en présentiel ou à distance
Session garantie