Skip to Main Content
This website uses cookies. View our cookie policy
United Kingdom
Select regional store:
Spend And Save! Receive A Free Corporate Gift Card Up To The Value Of £100 This December. Find Out How >>
ISO 27001 and ISO 27005 Information Security Training Package

ISO27001 Lead Implementer and ISO27005 Risk Management Combination Course

SKU: 4278

Learn from the experts how to implement and maintain ISO 27001 best practice and certification. Acquire the knowledge and practical skills required to fully implement an effective ISO 27001-compliant risk management programme, building on ISO 27005 best practice.


Achieve the ISO27001 Certified ISMS Lead Implementer (CIS LI) and ISO27005 ISMS Risk Management (CIS RM) qualifications awarded by IBITGQ. Exams included in the courses. This course qualifies for 42 CPD/CPE points.

Course duration:

6 days

UK locations:

Birmingham, Edinburgh, Glasgow, London, Manchester. See venue details.

Save 15% when your purchase our ISO 27001 Lead Implementer and Risk Management combination course.  (Discount will be automatically applied.)

How to Book:

Simply book online to receive your booking confirmation and full joining instructions within 48 hours. We accept purchase orders from local authorities, government departments and other public-sector organisations, and will consider account facilities for large corporate customers. See our payment options page for details.

Book today

ISO27001 Certified ISMS Lead Implementer

ISO 27001 Certified ISMS Lead Implementer Training Course
Price: £1,795.00
ex vat

ISO 27005 Certified ISMS Risk Management

ISO 27005 Certified ISMS Risk Management Training Course
Price: £1,495.00
ex vat


Course overview

The ISO27001 Lead Implementer and ISO27005 Risk Management Combination course

ISO27001 Certified ISMS Lead Implementer ISO27005 Certified ISMS Risk Management
The flagship of our ISO 27001 Implementation Learning Pathway, this advanced-level course is focused on developing the in-depth knowledge and skills required to implement and deliver an ISMS. Building on the implementation guidance delivered by the ISO27001 Lead Implementer course, this course features real-life case studies to ensure attendees gain an in-depth understanding and a practical knowledge of the key activities of the ISO 27005 risk management process.
Download course data sheet Download course data sheet

The ISO27001 Lead Implementer and ISO27005 Risk Management Combination course

Designed by experts

This course is developed by ISO 27001 experts Alan Calder and Steve Watkins, and draws on their industry-leading implementation guide IT Governance: An International Guide to Data Security and IS027001/ISO27002.

A comprehensive overview of the implementation and risk management process of ISO 27001

This unique training programme provides a complete introduction to the requirements of ISO 27001, and covers all the activities required to plan, implement and maintain an ISO 27001-compliant information security management system (ISMS).

Led by specialists

Using a combination of formal training, practical exercises and relevant case studies, an experienced ISO 27001 trainer and consultant will help you develop the skills required to achieve ISO 27001 compliance for your organisation while reducing costs and avoiding common pitfalls.

Who should attend this course?

Anyone involved in information security management, writing information security policies or implementing ISO 27001, either as a lead implementer or as part of an implementation team.

  • Job titles:
    • IT/ Information Security Consultant
    • IT/ Information Security Manager
    • IT/ Information Security Officer
    • IT/ Information Security Project Manager
    • Risk Analyst
    • Risk Assessor
    • Risk Manager
    • Cyber security consultant
    • Head of IT
    • CISO (Chief Information Security Officer)
    • GDPR Consultant
    • Information security analyst
    • ISMS Manager
    • Network manager
  • MoD ELCAS Funding
    • This course is eligible for funding under the MoD ELCAS scheme and is suitable for serving members of the MoD or service leavers who wish to develop a career in information security management.

Why choose IT Governance for your training needs?

IT Governance is internationally recognised as the authority on ISO 27001. Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 7,000 professionals on information security management system (ISMS) implementations and audits.

Course details

What does the ISO27001 Lead Implementer and ISO27005 Risk Management Combination course cover? 

  • Why information security management (ISM) is important to an organisation.
  • The key concepts, principles and main requirements of ISO/IEC 27001:2013.
  • The terms and definitions used in the Standard, including risk and options for risk assessments.
  • How to interpret the requirements of ISO/IEC 27001:2013 to determine the scope of your ISMS.
  • How to structure and manage your ISO 27001 project.
  • How to review and map your existing controls to Annex A of ISO 27001.
  • The importance of the Statement of Applicability (SoA), and justifications for inclusions and exclusions.
  • The importance of information security risk management in ISO 27001 and its role within an organisation.
  • A full overview of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
  • How ISO 27005 is related to the ISO 31000:2009 risk management standard.
  • The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.
  • How to assess, analyse and treat identified information security risks in accordance with the guidance of ISO 27005.
  • How to develop a management framework, write policies and produce other critical documentation.
  • How to prepare for your ISO 27001 certification audit and ensure you that you pass first time.
  • How to manage and drive continual improvement under ISO 27001. 

Course agenda:

Course agenda (day 1-3):

  • Project mandate
  • Project initiation
  • ISMS initiation
  • Management framework
  • Baseline security criteria
  • Risk management
  • Implementation
  • Annex A controls
  • Measure, monitor, review and improve
  • Certification

Course agenda (day 4-6):

  • Risk Management in ISO 27001
  • Establishing the context
  • Scope, boundaries, roles and responsibilities
  • Information Security Risk Assessment

What’s included in this course?

  • A professional training venue with lunch and refreshments;
  • Full course materials (digital copy provided as a PDF file);
  • The ISO 27001 Certified ISMS Lead Implementer exam; 
  • The ISO 27005 Certified ISMS Risk Management; and
  • A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 9:30 am – 5:00 pm
Day 2: 9:00 am – 5:00 pm 
Day 3: 9:00 am – 5:00 pm
Day 4: 9:30 am – 5:00 pm
Day 5: 9:15 am – 5:00 pm
Day 6: 9:15 am – 3:00 pm

CPD/CPE points

This course is equivalent to 21 CPD/CPE points.

How much does the ISO27001 Lead Implementer and ISO27005 Risk Management Combination course cost?

The course costs £2,796.50 ex VAT.

Exams and qualifications

ISO27001 Lead Implementer and ISO27005 Risk Management Combination exams

Attendees sit the online ISO27001 CIS LI examination a 90-minute, multiple-choice, ISO 17024-certificated exam set by IBITGQ at the end of day 1. You also sit the ISO27005 Certified ISMS Risk Management (CIS RM) examination at the end of the course – a 90-minute, multiple-choice, ISO 17024-certificated exam set by  IBITGQ. There is no extra charge for taking these exams.

What qualifications will I receive?

ISO 27001 Certified ISMS Lead Implementer (CIS LI) and ISO27005 Certified ISMS Risk Management (CIS RM)

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.


Are there any prerequisites for this course?

There are no formal entry requirements but it is assumed that you have taken the ISO27001 Certified ISMS Foundation training course or you have a good working knowledge of ISO 27001 gained through practical experience.

Is there any recommended reading?

We strongly recommend you purchase and read the standard prior to attending the course:

We also recommend that you purchase and read the following textbooks:

Do I need to bring proof of identity?

Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.

“Needing to get ISO 27001 quickly was a must-have for my firm to win a new deal in the Middle East. My trainer was an experienced consultant who patiently took me from beginner to expert in a remarkably short time. We not only achieved ISO 27001 certification but also use our new ISMS as the framework for managing all cyber security activities.”

Tarek Kalan, LTY Financial Services Ltd

Customer Reviews

(0.00)stars out of 5
# of Ratings: 0