ISO/IEC 27005 Information Security Risk Management Foundation

The ISO/IEC 27005 Foundation training course provides information on the fundamental concepts and principles of information security risk management based on ISO/IEC 27005.

Why Should You Attend?

ISO/IEC 27005 Foundation is a two-day training course that focuses on the information security risk management process introduced by ISO/IEC 27005 and the structure of the standard. It provides an overview of the guidelines of ISO/IEC 27005 for managing information security risks, including context establishment, risk assessment, risk treatment, communication and consultation, recording and reporting, and monitoring and review.

After attending the training course, you can sit for the exam. If you successfully pass the exam, you can apply for the “PECB Certificate Holder in ISO/IEC 27005 Foundation” designation. This certificate demonstrates that you have a general knowledge of ISO/IEC 27005 guidelines for information security risk management.

Course Details

Days: 2

Location: Virtual

Course Overview

  • Describe the main risk management concepts, principles, and definitions
  • Interpret the guidelines of ISO/IEC 27005 for managing information security risks
  • Identify approaches, methods, and techniques used for the implementation and management of an information security risk management program

1 Introduction to ISO/IEC 27005 and information security risk management

  • Training course objectives and structure
  • Standards and regulatory frameworks
  • Fundamental concepts and principles of information security risk management
  • Information security risk management program
  • Context establishment

2 Risk identification, analysis, evaluation, and treatment based on ISO/IEC 27005

  • Risk identification
  • Risk analysis
  • Risk evaluation
  • Risk treatment

3 Information security risk communication and consultation, recording and reporting, and monitoring and review

  • Information security risk communication and consultation
  • Information security risk recording and reporting
  • Information security risk monitoring and review

4 Risk assessment methods

  • OCTAVE and MEHARI methodologies
  • EBIOS method
  • NIST framework
  • CRAMM and TRA methods
  • Closing of the training course

5 Certification Exam

— Empower Change

Invest in Skills & Equality

Support Diversity, Equity, and Inclusion with Every Purchase.

Great Horizons is a North Carolina Certified HUB Vendor and WOSB. By becoming a patron of our organization, you are not only supporting a historically underutilized business, but a woman-owned small business as well.