
ISO 27005 Certified ISMS Risk Management

What is ISO 27005 Risk Management?

ISO 27005 is the international standard that describes how to conduct an information security risk assessment in accordance with the requirements of ISO 27001. Conducting a risk assessment is one of the core requirements of all cyber security and privacy laws, including the EU’s GDPR (General Data Protection Regulation), the NIS Regulations (Network and Information Systems Regulations 2018) and other leading laws related to information security. Risk assessments are one of the most important parts of an organisation’s ISO 27001 compliance project. ISO 27001 requires you to demonstrate evidence of information security risk management, risk actions taken and how relevant controls from Annex A have been applied.

ISO 27005 Certified ISMS Risk Management course content

If you are responsible for implementing and maintaining an ISO 27001-compliant ISMS (information security management system) and want to develop your practical risk management skills, this course is the perfect starting point.

The course covers the following areas:

  • The importance of information security risk management in ISO 27001 and its role within an organisation.
  • A full overview of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
  • How ISO 27005 is related to the ISO 31000 risk management standard.
  • The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.
  • How to assess, analyse and treat identified information security risks in accordance with the guidance of ISO 27005.
  • How to communicate, monitor and review risk management activities.
  • How to use risk management to achieve certification and maintain compliance with ISO 27001.
  • How information security risk assessment software can help you save time and money.
  • How to advise third-party organisations on information security risk management.

The Certificate in ISMS Risk Management (CIS RM) course exam

To achieve the CIS RM qualification, you must pass a 90-minute multiple-choice exam.

ISO 27005 Certified ISMS Risk Management course

Learn how to conduct an ISO 27001-compliant risk assessment from start to finish in just three days through practical risk management methodologies as promoted by ISO 27005.

Why train with IT Governance?

  • Leading global provider of IT governance, risk management and compliance solutions.
  • All courses are designed by experts and delivered by experienced trainers.
  • Flexible booking process – if you need to change the date for a training course that you have booked, you can do so here.
  • Take advantage of the wealth of free resources and affordable tools and support once you have completed your training.
  • Focused on improving knowledge, developing skills and awarding certification.
  • IT Governance courses are guaranteed to run – we never cancel a course.
