ISO 27005 Certified ISMS Risk Management Training Course

ISO 27005 Certified ISMS Risk Management

SKU: 4209

This fully accredited, practitioner-led course equips you to use practical risk management methodologies to mitigate cyber security risks and ensure compliance with ISO 27001, drawing on real-world expertise and insights.


Three days/London


Classroom sessions from 09:00 to 17:00.


Achieve the ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-accredited). Exam included.

How to Book:

Simply book online to receive your booking confirmation and full joining instructions within 48 hours. We accept purchase orders from local authorities, government departments and other public-sector organisations, and will consider account facilities for large corporate customers. See our payment options page for details.


Course Locations

London (20% offer)
Regular price: £1,495.00 ex VAT
Sale price: £1,196.00 ex VAT
Call to book via purchase order.

Price: £1,495.00 ex VAT
Call to book via purchase order.


Ensure your organisation achieves and maintains ISO 27001 best practice and compliance

The ISO/IEC 27005:2011 standard provides guidance and support for the risk management approach specified by ISO 27001. Effective risk management is the key to achieving ISO 27001 certification, and maintaining and improving an information security management system (ISMS).

The three-day ISO27005 Certified ISMS Risk Management classroom course is designed to provide delegates with the knowledge and skills required to fully implement an effective ISO27001-compliant risk management programme.

Using a combination of formal training, practical exercises and relevant case studies, an experienced ISO 27001 trainer and consultant will:

This course also supports professional development: delegates who pass the included exam are awarded the ISO 17024-accredited ISO27005 Certified ISMS Risk Management (CIS RM) qualification by IBITGQ.


“Introduced to the basics of risk management on the previous ISO27001 Lead Implementer course, I needed to further build skills in the ‘nitty-gritty’ of ISMS risk analysis and treatment processes. The CIS RM qualification has also opened a few doors in my company and I am now working toward achieving my ISACA CRISC certification in the future.”

Gavin Tyler, Information Security Director, Winberg Holdings


What will you learn?

  • The role and importance of risk management in an organisation.
  • Why risk management is the core competence of information security management.
  • Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
  • How ISO 27005 is related to the ISO 31000:2009 risk management standard.
  • How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
  • ‘Hands-on’ practical experience in carrying out an effective risk management programme as defined by ISO/IEC 27005:2011.
  • The key information security risk management processes, including context establishment, risk assessment, risk treatment and monitoring/review.
  • The competence to advise third-party organisations on information security risk management.



ISO27005 Certified ISMS Risk Manager (CIS RM) examination

Delegates sit the ISO27005 Certified ISMS Risk Management (CIS RM) examination at the end of the course – a 90-minute multiple-choice, ISO 17024-accredited exam set by IBITGQ. There is no extra charge for taking the exam at the end of the course.

This course is part of our unique ISO 27001 Learning Pathway, which also includes the ISO27001 Certified Foundation, Lead Implementer, Lead Auditor and Internal Auditor courses. It also qualifies for 21 CPD/CPE credits and fits well with the CISSP and SSCP Continued Professional Education Programme.


Who should attend this course?

  • Information security managers responsible for ISO 27001 implementation and maintenance.
  • Delegates who have attended the ISO27001 Certified ISMS Lead Implementer course and want to further develop their practical risk management skills.
  • Risk managers who need to understand information security risk management processes.
  • ISO 27001 consultants who want to advise clients on implementing information security risk management.

Entry requirements

While there are no formal entry requirements, we assume that all delegates have knowledge of the best practice as defined in ISO 27002 and ISO 27005 standards. This could be acquired by purchasing and reading these standards, or by attending our ISO27001 Certified ISMS Foundation and/or Lead Implementer training courses.


Additional information

This course is non-residential, but we can help you to find a hotel close to the training venue if you require – simply drop us an email after you book. Our superb training support team will find the solution most suitable for your needs.

The course includes:

  • Professional training venue with lunch and refreshments.
  • Comprehensive documentation (digital copy provided as PDF file).
  • ISO27005 Certified ISMS Risk Management (CIS RM)
  • Certificate of attendance.
  • Guaranteed to run: we never cancel a course.



Customer Reviews

Fantastic training to compile all my old Risk Management know-how, in a very good structured way but also according to the ISO regulations. I am going to advise it to my colleagues and friends.
This was an excellent course with an excellent trainer.