ISO/IEC 27005 Lead Risk Manager Training Course
ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.
After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.
Who should attend?
- Information Security risk managers
- Information Security team members
- Individuals responsible for Information Security, compliance, and risk within an organization
- Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
- IT consultants
- IT professionals
- Information Security officers
- Privacy officers
Examination - Duration: 3 hours
The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1 Fundamental principles and concepts of Information Security Risk Management
- Domain 2 Implementation of an Information Security Risk Management program
- Domain 3 Information security risk assessment
- Domain 4 Information security risk treatment
- Domain 5 Information security risk communication, monitoring and improvement
- Domain 6 Information security risk assessment methodologies
General Information
- Certification fees are included on the exam price
- Training material containing over 350 pages of information and practical examples will be distributed
- A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
Course Outline
Day 1 Introduction to ISO 27005, concepts and implementation of a risk management program
- Section 01: Course objectives and structure
- Section 02: Standard and regulatory framework
- Section 03: Concepts and definitions of risk
- Section 04: Implementing a risk management programme
- Section 05: Context establishment
Day 2 Risk identification, evaluation, and treatment as specified in ISO 27005
- Section 06: Risk Identification
- Section 07: Risk Analysis
- Section 08: Risk Evaluation
- Section 09: Risk Assessment with a quantitative method
- Section 10: Risk Treatment
Day 3 Information Security Risk Acceptance, Communication, Consultation, Monitoring and Review
- Section 11: Information security risk acceptance
- Section 12: Information security risk communication and consultation
- Section 13: Information security risk monitoring and review
Day 4 Risk Assessment Methodologies
- Section 14: OCTAVE Method
- Section 15: MEHARI Method
- Section 16: EBIOS Method
- Section 17: Harmonized Threat and Risk Assessment (TRA) Method
- Section 18: Applying for certification and closing the training
Day 5 Certification Exam
Requirements
A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.
Open Training Courses require 5+ participants.
ISO/IEC 27005 Lead Risk Manager Training Course - Booking
ISO/IEC 27005 Lead Risk Manager Training Course - Enquiry
ISO/IEC 27005 Lead Risk Manager - Consultancy Enquiry
Consultancy Enquiry
Testimonials (3)
The fact that there were practical examples with the content
Smita Hanuman - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional
Speed of response and communication
Bader Bin rubayan - Lean Business Services
Course - ISO/IEC 27001 Lead Implementer
The trainer was extremely clear and concise. Very easy to understand and absorb the information.
Paul Clancy - Rowan Dartington
Course - CGEIT – Certified in the Governance of Enterprise IT
Upcoming Courses
Related Courses
Introduction to ISO27001
7 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.
By the end of this training, participants will be able to:
- Understand the purpose and benefits of an ISMS.
- Familiarize themselves with key ISO 27001 concepts, terms, and principles.
- Recognize the role of an auditor in ensuring compliance.
- Gain insight into the audit process and continual improvement within ISO 27001.
Basel III – Certified Basel Professional
21 HoursDescription:
Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk. Having initially been agreed upon by the Basel Committee on Banking Supervision in 2010–11, changes to The Accord have extended implementation to 31st March 2019. Basel III strengthens bank capital requirements by increasing bank liquidity and decreasing bank leverage.
Basel III differs from Basel I & II in that it requires different levels of reserves for different forms of deposits and other types of borrowings, so it does not supersede them so much as it does work alongside Basel I and Basel II.
This complex and constantly changing landscape can be hard to keep up with, our course and training will help you manage likely changes and their impact on your institution. We are accredited with and a training partner to the Basel Certification Institute and as such the quality and suitability of our training and material is guaranteed to be up to date and effective
Objectives:
- Preparation for the Certified Basel Professional Examination.
- Define hands-on strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organization.
Target Audience:
- Board members with risk responsibilities
- CROs and Heads of Risk Management
- Members of the Risk Management team
- Compliance, legal and IT support staff
- Equity and Credit Analysts
- Portfolio Managers
- Rating Agency Analysts
Overview:
- Introduction to Basel norms and amendments to the Basel Accord (III)
- Regulations for market, credit, counterparty and liquidity risk
- Stress testing for various risk measures including how to formulate and deliver stress tests
- The likely effects of Basel III on the international banking industry, including demonstrations of its practical application
- Need For The New Basel Norms
- The Basel III Norms
- Objectives of The Basel III Norms
- Basel III – Timeline
Certified Fraud Examiner (CFE) Preparation
70 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.
By the end of this training, participants will be able to:
- Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
- Learn to identify, investigate, and prevent various types of financial fraud schemes.
- Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
- Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
- Learn to design and implement effective fraud prevention and deterrence programs within organizations.
- Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.
CGEIT – Certified in the Governance of Enterprise IT
28 HoursDescription:
This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.
Objectives:
This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.
Target Audience:
Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.
Compliance for Payment Services in Japan
7 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.
By the end of this training, participants will be able to:
- Understand the rules set forth by government regulators for payment service providers.
- Create the internal policies and procedures needed to satisfy government regulations.
- Implement a compliance program that adheres to relevant laws.
- Ensures that all corporate processes and procedures comply with the compliance program.
- Uphold the business's reputation while protecting it from lawsuits.
Cybersecurity Governance, Risk & Compliance (GRC)
14 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.
By the end of this training, participants will be able to:
- Understand the key components of cybersecurity governance, risk, and compliance.
- Conduct risk assessments and develop risk mitigation strategies.
- Implement compliance measures and manage regulatory requirements.
- Develop and enforce security policies and procedures.
ISO 27001:2023 Internal Auditor of the Information Security Management System
35 HoursObjectives
- Gaining knowledge of ISO 27001:2023
- Gaining knowledge on how to audit in accordance with the standard
- Getting to know good practices
ISO 27001:2023 Lead Auditor of the Information Security Management System
35 HoursObjectives
- Gaining knowledge of ISO 27001:2023
- Gaining knowledge on how to audit in accordance with the standard
- Getting to know good practices
ISO 27001:2023 Requirements
14 HoursObjectives
- Gaining knowledge about changes to ISO 27001 2023 edition
- Gaining knowledge on how to audit in accordance with the standard
- Getting to know good practices
PECB ISO/IEC 27001 Foundation
14 HoursWhy should you attend?
ISO/IEC 27001 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in ISO/IEC 27001. During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.
Who should attend?
- Individuals involved in Information Security Management
- Individuals seeking to gain knowledge about the main processes of Information Security Management Systems (ISMS)
- Individuals interested to pursue a career in Information Security Management
Educational approach
- Lecture sessions are illustrated with practical questions and examples
- Practical exercises include examples and discussions
- Practice tests are similar to the Certification Exam
PECB ISO/IEC 27001 Lead Implementer
35 HoursInformation security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.
This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who Can Attend?
- Project managers and consultants involved in and concerned with the implementation of an ISMS
- Expert advisors seeking to master the implementation of an ISMS
- Individuals responsible for ensuring conformity to information security requirements within an organization
- Members of an ISMS implementation team
General information
- Certification fees are included in the exam price
- Training material containing over 450 pages of information and practical examples will be distributed
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months free of charge
Educational approach
- This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
- The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The exercises are based on a case study.
- The structure of the quizzes is similar to that of the certification exam.
Learning objectives
This training course will help you:
- Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
- Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand the operation of an information security management system and its processes based on ISO/IEC 27001
- Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
- Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS
PECB ISO/IEC 27001 Transition
14 HoursThe ISO/IEC 27001 Transition training course enables participants to thoroughly understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. In addition, participants will acquire knowledge on the new concepts presented by ISO/IEC 27001:2022.
PECB ISO 27001:2022 Transition
14 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at intermediate to expert-level IT professionals who wish to enhance their skills and qualifications in information security or related fields.
By the end of this training, participants will be able to:
- Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
- Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
- Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.