TRAINING CATEGORIES

(Click Category to List Courses)

28 - ISO - ISO (Standardization) Programs

ISO 108 - ISO 27005 Information Security Risk Management

Code	Start Date	Duration	Venue
ISO 108	02 October 2023	5 Days	Istanbul	Registration Form Link
ISO 108	27 November 2023	5 Days	Istanbul	Registration Form Link
ISO 108	25 December 2023	5 Days	Istanbul	Registration Form Link

Please contact us for fees

PERSONAL DETAILS
Salutation:*
Full Name:*
Company/Job Title:*
City:*
Country:*
Contact No:*
Fax:
E-Mail:*
Number of person:*
How many days:*
Location:*
Language:*
Inquiry:*

Course Description

Risk assessment and management provides the foundation for internal controls management, as well as business continuity and disaster recovery management. ISO 27005 provides guidelines for information security risk management, it supports the general concepts specified in ISO 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach. In this course, participants develop the competence to master the basic risk management elements related to all assets of relevance for information security using the ISO 27005 standard as a reference framework.

Course Objectives

Understanding the concepts, approaches, methods and techniques allowing an effective management of risk according to ISO 27005
Interpreting the requirements of ISO 27001 on information security risk management
Understanding the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization
Acquiring the competence to effectively advise organizations on the best practices in information security risk management

Who Should Attend?

Managers
Persons responsible for information security or conformity within an organization
Member of the information security team
IT consultants
Staff organizations implementing or seeking to comply with ISO 27001 or involved in a risk management program

Course Details/Schedule

Day 1

Why ISO 27005?
Scope of ISO 27005
Concepts and definitions related to risk management
Risk management standards, frameworks and methodologies
Implementation of an information security risk management program

Day 2

Understanding an organization and its context
ISMS overview
Major differences in ISMS approachs
Recommended approach
Points to consider

Day 3

Introduction to the landscape of risk
Asset landscape
Threat landscape
Controls landscape
Loss (impact) landscape
Vulnerability landscape

Day 4

What information is necessary for risk analysis?
Define the context for information risk management
Risk identification and risk analysis
Introduction to risk assessment methodologies
Risk assessment with a quantitative method

Day 5

Determine the appropriate information risk treatment plan
Develop an information security risk communication plan
Describe the information security risk monitoring and review Plan
Acceptance of information security risks and management of residual risks

FIND A PROGRAM

Complete Schedule

Category City Month

Search in Course Titles

Search in Whole Outlines

Reset

User Login

SAHARA Group Training and Consultancy INC (in Turkish: SAHARA Group Eğitim ve Danışmanlık AŞ)

Tax Office: Beyoğlu (Istanbul/Turkiye,Tax No: 7390525151 (Vergi Dairesi: Beyoğlu (İstanbul), Vergi No: 7390525151)

SEND TO MY COLLEAGUE
Full Name: *
E-Mail:*
Message:*