PECB ISO/IEC 27005 Risk Manager

The ISO/IEC 27005 Risk Manager training course provides valuable information on risk management concepts and principles outlined by ISO/IEC 27005 and also ISO 31000. The training course provides participants with the necessary knowledge and skills to identify, evaluate, analyze, treat, and communicate information security risks based on ISO/IEC 27005. Furthermore, the training course provides an overview of other best risk assessment methods, such as OCTAVE, MEHARI, EBIOS, NIST, CRAMM, and Harmonized TRA.

The PECB ISO/IEC 27005 Risk Manager certification demonstrates that you comprehend the concepts and principles of information security risk management.

• The training course is based on the theory and the best practices of information security.
• The training course provides practical examples and scenarios.
• Participants are encouraged to actively participate and engage in discussions and exercises and quizzes.
• Quizzes are similar in structure with the certification exam.

Basic knowledge of ISO/IEC 27005 and thorough knowledge of information security risk management.

• Managers or consultants involved in or responsible for information security in an organization
• Individuals responsible for managing information security risks  
• Members of information security teams, IT professionals, and privacy officers
• Individuals responsible for maintaining conformity with the information security requirements of ISO/IEC 27001 in an organization
• Project managers, consultants, or expert advisers seeking to master the management of information security risks

Day 1: Introduction to ISO/IEC 27005 and risk management
Day 2: Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005
Day 3: Risk recording and reporting, monitoring and review, and risk assessment methods

The “PECB Certified ISO/IEC 27005 Risk Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Fundamental principles and concepts of information security risk management
• Implementation of an information security risk management program
• Information security risk management framework and processes based on ISO/IEC 27005
• Other information security risk assessment methods

• Certification fees and examination fees are included in the price of the training course.
• Participants of the training course will receive over 350 pages of training materials, containing valuable information and practical examples.
• Participants of the training course will receive an attestation of course completion worth 21 CPD (Continuing Professional Development) credits.
• Participants who have completed the training course and failed to pass the exam, are eligible to retake it once for free within a 12-month period from the initial date of the exam.

• Explain the risk management concepts and principles outlined by ISO/IEC 27005 and ISO 31000
• Establish, maintain, and improve an information security risk management framework based on the guidelines of ISO/IEC 27005 
• Apply information security risk management processes based on the guidelines of ISO/IEC 27005
• Plan and establish risk communication and consultation activities