The training "ISO / IEC 27005 Risk Manager" will allow you to develop the skills to master the processes related to all relevant assets for the information security by using ISO / IEC 27005 as a framework for reference. During this training, we will also present other risk assessment methods such as OCTAVE, EBIOS, MEHARI and the harmonized methodology of EMR. This training fits perfectly into the implementation process of the WSIS framework according to ISO / IEC 27001.
In particular, the objectives of the training are:
• Basic understanding of ISO / IEC 27005 and in-depth knowledge of risk assessment and information security.
• Code : ISO 27005
• Duration : 3 jour
• schedule : 8h30 - 17h30
• place : training center, Center Urbain Nord, Tunis
• Information Security Risk Managers
• Members of the information security team
• Information Security Officers
• Course materials
• 40% demonstration
• 40% of theory
• 20% practical exercises
• Objectives and structure of the training
• Concepts and definitions of risk
• Normative and regulatory frameworks
• Implementation of a management program risks
• Understanding of the organization and its context
• Risk identification
• Risk Analysis and Assessment
• Risk assessment with a method quantitative
• Risk treatment
• Risk acceptance and risk management residual
• Communication and consultation relating to risks in information security
• Surveillance and risk review
• OCTAVE method
• MEHARI method
• EBIOS method
• Harmonized methodology of EMR
• Closing of the training
Do not hesitate to contact our experts for any additional information, study and free calculation of an audit service.