ISO 27005 Certified ISMS Risk Management Training Course

ISO 27005 Certified ISMS Risk Management

SKU: 4209

Learn how to conduct an ISO 27001-compliant risk assessment from start to finish in just three days through practical risk management methodologies as promoted by ISO 27005.


Developed by IT Governance, the UK’s leading ISO 27001 consultancy company, this course is presented by an ISO 27001 practitioner offering real-world expertise and insights.


Three days in central London.


See Course Agenda below for timetable.


Achieve the ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated). Exam included.


“Fantastic training to compile all my old risk management know-how, in a very good structured way but also according to the ISO regulations. I am going to recommend it to my colleagues and friends.”

Kirsty - course attendee

How to Book:

Simply book online to receive your booking confirmation and full joining instructions within 48 hours. We accept purchase orders from local authorities, government departments and other public-sector organisations, and will consider account facilities for large corporate customers. See our payment options page for details.


Price: £1,495.00 ex VAT
Call to book via purchase order.


Get the global ISO 27001 experts on your side

IT Governance is internationally recognised as the authority on ISO 27001. Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 7,000 professionals on information security management system (ISMS) implementations and audits.


Course highlights


Develop your understanding of ISO 27005

Get to grips with the key activities of the ISO 27005 risk assessment process.


Find out how a risk assessment works

Learn how a risk assessment works in action using a combination of formal training, practical exercises and relevant case studies.


Gain experience with hands-on study

Gain practical experience in carrying out an effective risk assessment process as defined by ISO/IEC 27005:2011 through discussion, case studies and role play.



Professional development

Attendees who pass the included exam are awarded the ISO 17024-certificated ISO27005 Certified ISMS Risk Management (CIS RM) qualification by IBITGQ.


Course Agenda

Course Timetable:

  • Day 1: 9:30 am – 5:00 pm
  • Day 2: 9:15 am – 5:00 pm
  • Day 3: 9:15 am – 3:00 pm

What will you learn on this course?

  • The importance of information security risk management in ISO 27001 and its role within an organisation.
  • A full overview of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
  • How ISO 27005 is related to the ISO 31000:2009 risk management standard.
  • The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.
  • How to assess, analyse and treat identified information security risks in accordance with the guidance of ISO 27005. 
  • How to communicate, monitor and review risk management activities. 
  • How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
  • How vsRisk™ information security risk assessment software can help you save time and money.
  • How to advise third-party organisations on information security risk management.

ISO27005 Certified ISMS Risk Management (CIS RM) examination

Attendees sit the ISO27005 Certified ISMS Risk Management (CIS RM) examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ.

There is no extra charge for taking the exam at the end of the course.


Exam results and certificates

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.


Who should attend this course?

  • Information security managers responsible for ISO 27001 implementation and maintenance.
  • Those who have attended the ISO27001 Certified ISMS Lead Implementer course and want to develop their practical risk management skills.
  • Risk managers who need to understand information security risk management processes.
  • ISO 27001 consultants who want to advise clients on implementing information security risk management.


Entry requirements

Although there are no formal entry requirements, we assume that all attendees have knowledge of the best practice as defined in the ISO 27002 and ISO 27005 standards. This could be acquired by purchasing and reading these standards, or by attending our ISO27001 Certified ISMS Foundation and/or Lead Implementer training courses.


Additional information

This course is non-residential, but we can help you find a hotel close to the training venue if you require – simply drop us an email after you book. Our superb training support team will find the solution most suitable for your needs.

The course includes:

  • A professional training venue with lunch and refreshments;
  • Comprehensive documentation (digital copy provided as a PDF file);
  • The ISO27005 Certified ISMS Risk Management (CIS RM) exam;
  • A certificate of attendance; and
  • A guarantee that it will run – we never cancel a course.


Important information for attending this course

Attendees are requested to bring along a laptop.


ISO 27001 Learning Pathway

This course is part of our ISO 27001 Learning Pathway, which also includes the ISO27001 Certified ISMS Foundation, Lead Implementer, Lead Auditor and Internal Auditor courses.


In-house training

All of our ISO 27001 courses are available in-house. IT Governance in-house training is designed to deliver cost-effective tuition to a group of individuals working in the same organisation. One of our experienced trainers can visit your offices to provide any of our courses at a date and time that suits you.


Customer Reviews

(5.00) stars out of 5
Number of ratings: 2
1. on 02/11/2015, said:
5 stars out of 5
Fantastic training to compile all my old Risk Management know-how, in a very good structured way but also according to the ISO regulations. I am going to advise it to my colleagues and friends
2. on 30/10/2015, said:
5 stars out of 5
This was an excellent course with an excellent trainer.