Correct risk assessment methodology is essential for passing an ISO 27001 audit


Risk assessment and risk management play an important role in any information security management system (ISMS) implementation project. They require relevant experience and knowledge of the environment being analysed. Selecting a suitable risk assessment methodology and ensuring that the risk assessment objectives are met is a challenge for any ISO 27001 implementer.
The newly launched ISO 27005 Certified ISMS Risk Management course by information security and compliance specialists IT Governance is entirely focused on teaching delegates how to perform effective ISO 27001-compliant information security risk assessments.
Alan Calder, CEO of IT Governance, says, “If you have little or no experience of carrying out a risk assessment and selecting the right security controls, then this process can turn into a nightmare. Moreover, wrong risk assessment methodology can become a major reason for non-conformities in an ISO 27001 environment.
The team or individuals tasked with assessing the information security risks in their organisations bear a lot of responsibility. The ISO 27005 Risk Management course will provide them with the skills and confidence to develop a successful risk management methodology.”
The ISO 27005 Certified ISMS Risk Management course includes practical sessions that provide delegates with valuable experience they can then apply in their organisation. Exercises include performing real risk assessments using Vigilant Software’s information security risk assessment tool vsRisk™.
The ISO 27005 Certified ISMS Risk Management course is accredited by the International Board for IT Governance Qualifications (IBITGQ) and is the first one in the UK. The next sitting takes place on 19-21 June 2013, in London. Places can be booked online at: