Building on the implementation guidance delivered by the ISO 27001 Lead Implementer course, this three-day, advanced-level training course develops your competence in the key areas of information risk management; covering risk assessment, analysis, treatment and review.
It provides the skills and knowledge required to implement an information risk management programme based on ISO 27005:2018 and other risk management techniques. The course content is based on recognised best practice and real-world examples of the use of information risk management processes to reduce risk to information assets.
ISO 27005 provides guidelines for information security risk assessments and is designed to assist with the implementation of a risk-based ISMS (information security management system).
This course covers ISO 27005 and will teach you:
Gain practical experience in carrying out an effective risk assessment process as defined by ISO/IEC 27005:2011 through discussion, case studies and role play.
Learn how a risk assessment works in action using a combination of formal training, practical exercises and relevant case studies.
Choose whether you attend Live Online or in person at one of our training venues.
Get to grips with the key ISO 27005 and BS 7799-3 risk assessment processes.
This course is aimed at those who have attended the Certified ISO 27001 ISMS Lead Implementer and want to develop their practical risk management skills. For example:
Find out how the Certified ISO 27005 ISMS Risk Management Training Course will help you start or enhance your knowledge and career.
This course is an essential component of the following learning paths:
IT Governance is internationally recognised as the authority on ISO 27001 and information security. Our team led the world’s first ISO 27001 certification project, and since then we have trained more than 7,000 professionals on information security management system (ISMS) implementations and audits.
The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.
Day 1: 9:30am – 5:00pm
Day 2: 9:15am – 5:00pm
Day 3: 9:15am – 5:00pm
This course is equivalent to 21 CPD/CPE points.
Attendees take the ISO 17024-certificated, ISO 27005 Certified ISMS Risk Management (CIS RM) exam set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for this exam.
Certified ISO 27005 ISMS Risk Management (CIS RM).
This course is accredited by the International Board for IT Governance Qualifications (IBITGQ).
You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the IBITGQ/GASQ successful candidate register.
Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.
Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.
There are no formal entry requirements but it is assumed that you have taken our CISMP or our ISO 27001 Certified ISMS Lead Implementer course or you have a good working knowledge of information security gained through practical experience.
We strongly recommend you purchase and read the standard prior to attending the course:
We also recommend that you purchase and read the following textbook: