Certified ISO 27005 ISMS Risk Management Training Course

SKU: 4209

In just three days, learn how to conduct an information security risk assessment from start to finish through practical risk management methodologies, including ISO 27005 and other risk management techniques. By attending and passing the course exam, you will achieve the ISO 17024-Certificated CISRM (Certified Information Security Risk Management) qualification. See training venue details.

"Fantastic training to compile all my old risk management know-how, in a very good structured way but also according to the ISO regulations. I am going to recommend it to my colleagues and friends." - Kirsty

Other ways to learn | In-house

Pay by purchase order | Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our training sales team on +44 (0)333 800 7000.

Limited time offer! Get free access to 8 e-learning courses when you purchase this training course – hurry, offer ends 31 October! (T&Cs apply).

Step 1 - Select location

Step 2 - Select date

Price: £1,795.00

ex vat

Step 3 - Select quantity

call to book via purchase order

Description

The ISO 27005 Certified ISMS Risk Management course outline

Building on the implementation guidance delivered by the ISO 27001 Lead Implementer course, this three-day, advanced-level training course develops your competence in the key areas of information risk management; covering risk assessment, analysis, treatment and review.

It provides the skills and knowledge required to implement an information risk management programme based on ISO 27005:2018 and other risk management techniques.  The course content is based on recognised best practice and real-world examples of the use of information risk management processes to reduce risk to information assets.

Download course data sheet >>

“Wonderful trainer, great location and great food - would come back and recommend to colleagues!”

- Emma McMechan, Deputy SIRO/Security Advisor, Land Registry.

“Alice was the epitomy of a good trainer. I consider me passing this exam because her class was so good."

- Eirini, Investigation Lead

The ISO 27005 risk management standard

ISO 27005 provides guidelines for information security risk assessments and is designed to assist with the implementation of a risk-based ISMS (information security management system).

This course covers ISO 27005 and will teach you:

All about the ISO 27005 information risk management standard and key risk management terminology;
How ISO 27005 is related to the ISO 31000:2009 risk management standard; and
How to assess, analyse and treat identified information security risks in accordance with ISO 27005 guidance.

BS 7799-3: guidance for information security risk management

BS 7799-3 is another information security risk management standard, which offers alternative processes to manage information security risks.

This course also covers BS 7799-3 and will teach you:

All about BS 7799-3 and key risk management terminology; and
How to assess, analyse and treat identified information security risks in accordance with BS 7799-3 guidance.

The benefits of the ISO 27005 Certified ISMS Risk Management course

Develop your understanding of ISO 27005 and BS 7799-3

Get to grips with the key ISO 27005 and BS 7799-3 risk assessment processes.

Find out how a risk assessment works

Learn how a risk assessment works in action using a combination of formal training, practical exercises and relevant case studies.

Gain experience with hands-on study

Gain practical experience in carrying out an effective risk assessment process as defined by ISO/IEC 27005:2011 through discussion, case studies and role play.

100%

of delegates passed first time

97%

found the course content to meet their expectations

97%

agreed the course content was relevant

97%

thought adequate course materials were provided

Who should attend this course?

This course is aimed at those who have attended the CISMP,  or ISO27001 Certified ISMS Lead Implementer course and want to develop their practical risk management skills.

Job titles:

Risk Analyst
Risk Assessor
Risk Manager
IT/ Information Security Manager
IT/ Information Security Analyst

Why choose IT Governance for your training needs?

We’re internationally recognised as the authority on ISO 27001 – Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 8,000 professionals on information security management system (ISMS) implementations and audits.
Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
Choose the method that suits you – we offer classroom, Live Online, distance learning, e-learning and in-house training options.
Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.

* conditions applicable

Course details

What does the course cover?

The importance of information security risk management in ISO 27001 and its role within an organisation.
A full overview of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
How ISO 27005 is related to the ISO 31000:2009 risk management standard.
The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.
How to assess, analyse and treat identified information security risks in accordance with ISO 27005 guidance.
How to communicate, monitor and review risk management activities. 
How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
How vsRisk™ information security risk assessment software can help you save time and money.
How to advise third-party organisations on information security risk management.

What’s included in this course?

A professional training venue with lunch and refreshments;
Full course materials (digital copy provided as a PDF file);
The ISO 27005 Certified ISMS Risk Management exam; and
A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Your complete training programme

This course is part of our training programme. You can download your training pathway below to find your next recommended courses.

Download now >>

Combination course option

Save 15% when you book the Certified ISO 27001 Lead Implementer and ISO 27005 Risk Management Combination Training Course. With this course you can achieve the ISO 27001 Certified ISMS Lead Implementer (CIS LI) and ISO 27005 ISMS Risk Management (CIS RM) qualifications awarded by IBITGQ in just 6 days.

Course duration and times

Day 1: 9:30 am – 5:00 pm
Day 2: 9:15 am – 5:00 pm
Day 3: 9:15 am – 5:00 pm

Course locations:

London.

CPD/CPE points

This course is equivalent to 21 CPD/CPE points.

Exams and qualifications

ISO 27005 Certified ISMS Risk Management exam

Attendees take the ISO27005 Certified ISMS Risk Management (CIS RM), ISO 17024-certificated, exam set by IBITGQ at the end of the course. This is a 90-minute multiple-choice online exam, consisting of 40 questions. Candidates need to achieve a minimum of 65% to pass. There is no extra charge for taking the exam.

What qualifications will I receive?

ISO 27005 Certified ISMS Risk Management (CIS RM).

How will I receive my exam results and certificates?

Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.

Prerequisites

Are there any prerequisites for this course?

There are no formal entry requirements but it is assumed that you have taken the ISO27001 Certified ISMS Lead Implementer or CISMP training course or you have a good working knowledge of ISO 27001 gained through practical experience.

Is there any recommended reading?

We strongly recommend you purchase and read the standard prior to attending the course:

ISO IEC 27001 2013 and ISO IEC 27002 2013

We also recommend that you purchase and read the following textbooks:

Do I need to bring proof of identity?

Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.

Customer Reviews

(5.00)

# of Ratings: 2

(Only registered customers can rate)

1. Martin Loro on 02/11/2015, said:

Fantastic training to compile all my old Risk Management know-how, in a very good structured way but also according to the ISO regulations. I am going to advise it to my colleagues and friends

2. Kirsty on 30/10/2015, said:

This was an excellent course with an excellent trainer.

Showing comments 1-2 of 2