ISO/IEC 27005 Risk Manager

The ISO/IEC 27005 Risk Manager training course equips participants to understand the process of developing, establishing, maintaining, and continuously improving an information security risk management framework in accordance with the guidelines of ISO/IEC 27005.

Why should you attend?

This training course provides in-depth knowledge of risk management concepts and principles as outlined by ISO/IEC 27005 and ISO 31000. It develops the necessary competencies to identify, evaluate, analyze, treat, and communicate information security risks effectively. The course also offers an overview of other established risk assessment methodologies, such as OCTAVE, MEHARI, EBIOS, NIST, CRAMM, and Harmonized TRA.

Earning the PECB ISO/IEC 27005 Risk Manager certification demonstrates a comprehensive understanding of information security risk management principles.

The training is followed by a certification examination. A passing score qualifies participants to apply for the “PECB Certified ISO/IEC 27005 Risk Manager” credential.

Who should attend?

This training course is intended for:

  • Managers or consultants involved in or responsible for information security within an organization.

  • Individuals responsible for managing information security risks.

  • Members of information security teams, IT professionals, and privacy officers.

  • Individuals tasked with ensuring conformity to the information security requirements of ISO/IEC 27001.

  • Project managers, consultants, or expert advisors seeking to master information security risk management.

Learning objectives

Upon the successful completion of this training course, you will be able to:

  • Explain the risk management concepts and principles outlined by ISO/IEC 27005 and ISO 31000.

  • Establish, maintain, and improve an information security risk management framework based on the guidelines of ISO/IEC 27005.

  • Apply the information security risk management processes defined in ISO/IEC 27005.

  • Plan and execute risk communication and consultation activities effectively.

Educational approach

  • The course is grounded in theoretical concepts and best practices of information security.

  • Instruction is supported by practical examples and real-world scenarios.

  • Participants are encouraged to engage actively in discussions, exercises, and quizzes.

  • Quiz formats are designed to mirror the structure of the certification exam.

The “PECB Certified ISO/IEC 27005 Risk Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

Domain 1: Fundamental principles and concepts of information security risk management

Domain 2: Implementation of an information security risk management program

Domain 3: Information security risk management framework and processes based on ISO/IEC 27005

Domain 4: Other information security risk assessment methods

Upon successfully passing the examination, you may apply for the relevant credential outlined in the program. The official certificate will be issued after you have fulfilled all requirements associated with your selected credential.


Credential requirements

PECB Certified ISO/IEC 27005 Provisional Risk Manager

  • Exam: PECB Certified ISO/IEC 27005 Risk Manager exam or equivalent
  • Professional experience: None
  • Risk Management experience: None
  • Other requirements: Signing the PECB Code of Ethics

PECB Certified ISO/IEC 27005 Risk Manager

  • Exam: PECB Certified ISO/IEC 27005 Risk Manager exam or equivalent
  • Professional experience: Two years, of which one year of work experience in Information Security Risk Management
  • Risk Management experience: 200 hours of Information Security Risk Management activities
  • Other requirements: Signing the PECB Code of Ethics

PECB Certified ISO/IEC 27005 Senior Risk Manager

  • Exam: PECB Certified ISO/IEC 27005 Risk Manager exam or equivalent
  • Professional experience: Ten years, of which seven years of work experience in Information Security Risk Management
  • Risk Management experience: 1000 hours of Information Security Risk Management activities
  • Other requirements: Signing the PECB Code of Ethics

To ensure validity, these information security activities must adhere to established best practices and encompass the following:

  • Defining a formal risk management framework and methodology.
  • Determining clear risk management objectives and scope.
  • Conducting a comprehensive risk assessment.
  • Developing a structured risk management program.
  • Defining criteria for risk evaluation and acceptance.
  • Evaluating options for risk treatment and mitigation.
  • Continuously monitoring and reviewing the risk management program for effectiveness.

The training course fee is comprehensive and includes all associated certification and examination costs.

Participants will receive detailed training materials comprising over 350 pages of instructional content and practical examples.

Attendees who complete the training will be awarded a certificate of course completion, accredited for 21 Continuing Professional Development (CPD) credits.

Candidates who do not pass the examination on their first attempt are eligible for one complimentary retake within a 12-month period from the initial exam date.

Original price was: $999.00. Current price is: $450.00.

Course agenda

Day 1: Introduction to ISO/IEC 27005 and risk management

Day 2: Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005

Day 3: Risk recording and reporting, monitoring and review, and risk assessment methods