Skip to Main Content
0
United Kingdom
Select regional store:

Find the expert you need

Choose a service
Or choose a subject

If you need technical support, please visit our Contact us page.

Fill in the form to request a callback, and we will
get in touch with you in less than 24 hours.

GRC Solutions x Digital Trust Consulting. One partner for complete cyber resilience
Shop > Risk Management Frameworks > Certified ISO 27005 ISMS Risk Management Training Course
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
1495.0000
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
1495.0000
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
1495.0000
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
1495.0000
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
1495.0000

Certified ISO 27005 ISMS Risk Management Training Course

(4.9 stars)
• 11 reviews
SKU: 4209
Pass first time – or train again for free
  • Learn how to conduct an end-to-end information security risk assessment aligned with ISO 27005.
  • Build practical skills in applying ISO 27005 and other key risk management methodologies.
  • Join from anywhere – attend live online or in person at one of our UK training venues.
  • Three-day IBITGQ-accredited course with an included exam.
  • Earn the ISO 27005 Certified ISMS Risk Management (CIS RM) qualification and 21 CPD/CPE points.
Step 1 - Select location
Step 2 - Select date
Price: £1,495.00
ex. VAT
Step 3 - Select quantity
Description

Training course outline

This advanced course builds your skills in core areas of information risk management, including risk assessment, analysis, treatment and review.

You’ll learn:

  • The structure and purpose of the ISO 27005 information risk management standard
  • How to carry out an ISO 27005-aligned risk assessment
  • How to design and implement a risk management programme based on ISO 27005:2018
  • How to communicate, monitor and review risk effectively within an organisation

Certified ISO 27005 ISMS Risk Management training course benefits

 Get hands-on with ISO 27005

Gain practical experience carrying out a full ISO/IEC 27005:2011-aligned risk assessment – including discussion, case studies and role play.

 See how risk assessment works in practice

Understand how a formal risk assessment process runs from start to finish, reinforced through practical exercises and real-world examples.

 Train your way – online or in person

Choose to attend live online or in person at one of our UK venues. Same expert content, wherever you are.

 Understand key risk assessment standards

Explore how ISO 27005 and BS 7799-3 structure the risk assessment process – and how they align with ISO 27001.

See what our previous learners think about this course

100%

of delegates passed first time

97%

were happy with the pace of the course

97%

thought adequate course materials were provided

99%

agreed the course content was relevant.

“Fantastic training to compile all my old risk management know-how, in a very good structured way but also according to the ISO regulations. I am going to recommend it to my colleagues and friends.”

- Kirsty

 

“Great work with all of us, engaging everyone, I would highly recommend Damian. I would also like to add that the training material was really helpful, the exercises, friendly and easy to navigate through. As mentioned, Damian did a great job especially at engaging everyone.”

- Anonymous

 

“Training and keeping engagement on topics like risk is never easy, but the course trainer gave good examples and experiences which helped to explain the course material. Plenty of opportunities were given for people to ask for help, and that was also outside of the webex if they did not feel comfortable in asking in front of the group which was good. I would be very happy to attend another course delivered by the trainer, as he was very informative and engaging. ”

- Anonymous

 

“Wonderful trainer, great location and great food - would come back and recommend to colleagues!”

- Emma McMechan, Deputy SIRO/Security Advisor, Land Registry

 

“Damian was excellent presenter, very engaging and involving all delegates and providing apt examples and discussion points.”

- Kamala Bandepalli, GRC consultant

 

Who should attend this course?

This course is aimed at those who have attended the CISMP,  or Certified ISO 27001 ISMS Lead Implementer courses and want to develop their practical risk management skills. For example:

  • Risk Analysts
  • Risk Assessors
  • Risk Managers
  • IT/ Information Security Managers
  • IT/ Information Security Analysts

Why train with IT Governance

  • We led the world’s first ISO 27001 certification project and are recognised globally as the authority on ISO 27001.
  • Our trainers are experienced consultants with hands-on knowledge of ISMS implementation and audit.
  • More than 8,000 professionals have trained with us on ISO 27001 projects – and over 17,000 have taken our courses overall.
  • Pass first time or train again for free – we’re that confident in our results.*
  • Choose how you learn: attend live online or in person at one of our training venues.
  • All course materials are provided digitally and available 20 days before the course starts.
  • We offer flexible training solutions for teams of any size – from small businesses to global enterprises.

* Terms and conditions apply.

Course details

What does this course cover?

  • The role and importance of information security risk management within ISO 27001 
  • A full overview of the ISO 27005 standard and key risk management terminology
  • How ISO 27005 aligns with ISO 31000:2009 principles
  • Core information security risk processes: context establishment, risk assessment, risk treatment and monitoring/review
  • How to assess, analyse and treat information security risks in line with ISO 27005 guidance
  • How to communicate, monitor and review risk activities effectively
  • Using risk management to support ISO 27001 certification and ongoing compliance
  • How vsRisk™ software can streamline the risk assessment process
  • How to advise third-party organisations on implementing risk management best practice

What’s included in this course?

  • A professional training venue with lunch and refreshments; 
  • Full course materials (digital copy provided as a PDF file); 
  • The ISO 27005 Certified ISMS Risk Management exam; and 
  • A certificate of attendance.

What equipment do I need?

You will need a laptop for the duration of your course and exam. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 9:30am – 5:00pm
Day 2: 9:15am – 5:00pm
Day 3: 9:15am – 5:00pm

Course locations

  • Learn from anywhere with our instructor-led Live Online courses, or Classroom / Live Online delivery options. Learn more.
  • Alternatively you can study in a classroom at one of our venues in London or Ely (Cambridgeshire).

Are there any prerequisites for this course?

There are no formal entry requirements but it is assumed that you have taken the Certified ISO 27001 ISMS Lead Implementer or CISMP training course or you have a good working knowledge of ISO 27001 gained through practical experience.

Is there any recommended reading?

We strongly recommend you purchase and read the standard prior to attending the course:

We also recommend that you purchase and read the following textbooks:

Exams and qualifications

ISO 27005 Certified ISMS Risk Management exam

Attendees take the ISO 17024-certificated, ISO 27005 Certified ISMS Risk Management (CIS RM) exam set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for this exam.

  • Delivery method: Online
  • Duration: 90 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

This course is equivalent to:

21

CPD points

What qualifications will I receive?

ISO 27005 Certified ISMS Risk Management (CIS RM).

Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued

Do I need proof of identity to take the exam?

Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.

Ways to learn

Learn your way with our flexible delivery methods

We want you to learn, qualify and progress, and we are committed to providing learning options for all scenarios: deadline-driven, career-orientated, company-wide or interest-led.

Instructor-led public courses

Structured learning, with clear direction and guidance from expert practitioners:

  • Focused learning
  • Delivered by expert practitioners
  • Peer support
  • In-the-moment insights

Learn more

Self-paced online learning

Learn and absorb material in a way that works for you:

  • Study at your own pace
  • Cost-effective
  • Bite-sized learning
  • Fits around you

Learn more

Unique blended learning courses

The most effective learning method for professionals:

  • Work around lifestyle challenges
  • A more manageable programme
  • Tailored, mastery-based learning
  • Better learning outcomes

Learn more

In-house and corporate training

Learning as a team and building a culture of awareness:

  • Unique to you
  • Peace of mind
  • Improve teamwork
  • Maximise your budget

Learn more

FAQs

FAQs

Are there any prerequisites? 

Who should attend this training course? 

How long is this training course?  

Does the training course provide support from a live instructor?  

How long until I receive the course confirmation details?  

Is this a general risk course or specialist?  

You may also be interested in

CRISC Training Course
From £1,995.00>

Customer Reviews

(4.9)stars out of 5
Number Of reviews: 11
Please login to your account to leave a review.
1. on 18/08/2025, said:
5 stars out of 5
An excellent course to understanding how the risk assessment works within ISO 27001 - I feel much more confident now in taking this forward in my organisation. Our presenter, Damian was very good with a vast amount of subject knowledge.
2. on 28/05/2024, said:
5 stars out of 5
Alice was an excellent trainer, course very informative and related course notes very helpful and complete. Would highly recommend this course to colleagues and business acquaintances.
3. on 28/05/2024, said:
5 stars out of 5
Great course which fulfilled the course objectives and gave me valuable knowledge and understanding of risk management. Course notes and the trainer were also excellent.
4. on 20/02/2024, said:
5 stars out of 5
Great course was extremely useful and Alice was amazing. She made the course interactive and kept me engaged throughout. Thank you Alice!
5. on 27/11/2023, said:
5 stars out of 5
Great course with good exercise.
6. on 25/10/2022, said:
5 stars out of 5
Excellent course and excellent trainer with lots of knowledge. The documentation is comprehensive and cover the materials in detail.
7. on 20/10/2021, said:
5 stars out of 5
Really great course, great trainer in Damian Garcia which combined, led to me achieving my best exam result across all the courses I have attended with IT Governance - a real testament to the quality of delivery and content - thoroughly recommended
8. on 02/08/2021, said:
5 stars out of 5
This was an excellent course and excellent trainer (Damian) who had a vast amount of subject knowledge and was able to help relate to real world scenarios
9. on 27/04/2021, said:
4 stars out of 5
It's the second course I have taken with IT Governance and one of the things I love about the school (onsite training facility) is the excellent learning guides they provide. This means you do not have to take notes and can fully concentrate on the course following the materials. Overall, it was well structured and I had plenty of time for the exam." (rating 4 out of 5)
10. on 02/11/2015, said:
5 stars out of 5
Fantastic training to compile all my old Risk Management know-how, in a very good structured way but also according to the ISO regulations. I am going to advise it to my colleagues and friends
Showing comments 1-10 of 11 (Next 10)
Click here to see all reviews
Loading...