Course Outline
Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management program
• Course objectives and structure
• Standard and regulatory framework
• Concepts and definitions of risk
• Risk management program
• Context establishment
Day 2: Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005
• Risk identification
• Risk analysis
• Risk evaluation
• Risk assessment with a quantitative method
• Risk treatment
• Information security risk acceptance
Testimonials (1)
The fact that all the standard was reviewed and discussed with some examples, when needed and required.