PECB ISO/IEC 27005 Foundation

-

Training course is focused on the information security risk management process introduced by ISO/IEC 27005 and the structure of the standard.

The course provides an overview of the guidelines of ISO/IEC 27005 for managing information security risks, including context establishment, risk assessment, risk treatment, communication and consultation, recording and reporting, and monitoring and review.

After attending the training course, you can enroll for the Foundation Exam and, if you successfully pass it, you can apply for a “PECB Certificate Holder in ISO/IEC 27005 Foundation” certificate.

Foundation Exam ( extra cost): Duration: 1 hour, Questions: 40, Where: Online

A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, processes, and management approaches used in information security risk management.

Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management program
                  • Course objectives and structure
                  • Standard and regulatory framework
                  • Concepts and definitions of risk
                  • Risk management programme
                  • Context establishment
                  

Day 2: Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005
                  • Risk identification
                  • Risk analysis
                  • Risk evaluation
                  • Risk assessment with a quantitative method
                  • Risk treatment
                  • Information security risk acceptance