ISO 27005 Certified Risk Manager (PECB Official Course)
Training provider:
Training locations: Lisboa
Duration: 16h
Price: 1.335€ (VAT exempt)
Start date(s): 17/7/2011 from 9h00 to 18h00
Format: In person
Description
Mastering risk evaluation and optimal risk management in information security with the ISO 27005 standard
The ISO 27005 “Certified Risk Manager” training enables the participants to master the basic risk management elements related to information using the ISO/IEC 27005:2008 standard as a reference framework. Based on practical exercises and case studies, the participant will be able to perform an optimal risk evaluation and manage risks in time by being familiar with their life cycle. Note that this training fits perfectly in the framework of an ISO 27001 standard implementation process.
General Information
- A copy of the ISO/IEC 27005:2008 standard is distributed to the participants for the duration of the training
- A student manual containing over 150 pages of information and practical examples will be distributed to the participants
- A 14 CPE (continuing professional education) participation certificate will be issued to the participants.
Objectives
At the end of this course students must:
- Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program
- Be introduced to the concepts, approaches, standards, methods and techniques allowing an effective management of risk
- Understand the relationship between the information security management system (including risk management), the security measures and the compliance with the requirements of different stakeholders of an organization
- Acquire the skills necessary to effectively advise organizations on the best practices in Risk Management
- Interpret the requirements of ISO/IEC 27001:2005 on risk management.
Target audience
- Person responsible for Risk Management within an organization
- Person responsible for information security or conformity within an organization
- Member of the information security team
- Expert advisor in IT
- Staff of organizations implementing or seeking to comply with ISO/IEC 27001:2005 or involved in a risk management program.
Programme
1: Introduction to risk management according to ISO 27005
1.1: Concepts and definitions related to risk management
1.2: Standards, frameworks and methodologies in risk management
1.3: Implement a risk management program
1.4: Risk analysis (identification and estimation)
2: Risk management and risk treatment according to ISO 27005
2.1: Risk Assessment
2.2: Risk Treatment
2.3: Acceptance of risk and management of residual risks
2.4: Risk communication
2.5: Monitoring and controlling risk