Information Security Risk Management

    Become a PECB certified professional in only 3 days




    Course description

    ISO/IEC 27005 Lead Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security, using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training also provides a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

    Learning objectives

    • Understand the concepts, approaches, methods, and techniques that enable an effective risk management process according to ISO/IEC 27005
    • Acknowledge the correlation between Information Security risk management and security controls
    • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
    • Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices
    • Acquire the knowledge necessary for the implementation, management, and maintenance of an ongoing risk management program.

    Exam & Certification

    An examination is held on the 5th day of the course. After successfully completing the exam, you will be eligible to apply for the PECB certificate.

    Who should attend?

    • Information Security risk managers
    • Information Security team members
    • Individuals responsible for Information Security, compliance, and risk within an organization
    • Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
    • IT consultants
    • IT professionals
    • Information Security officers
    • Privacy officers

    Training length

    3 days


    Training methods

    Online instructor-led

    At your office



    Training language

    Course material: English

    Teaching languages: English, Russian, Romanian


    Quality & Expertise

    All our trainers hold internationally recognized certificates and possess solid experience in the information security field.

    Highly practical

    This training is based on both theory and best practices used in risk assessment and treatment. You will learn not only about ISO 27005 but also different assessment methods.

    Free support

    After successful completion of the course, you will be entitled to 1 month of free support.

    Add any other course by ISO Cyber Academy to this course and you will get a 10% discount on the total purchase amount.

    How to book the course?


    Click on the Book this course button

    You will be redirected to the contact form.

    Choose your course from the list

    In the message box, indicate the number of participants and the desired learning method (online/at your office), and choose the course of your interest from the provided list.

    We will get back to you in no time

    We will contact you to set the training week that suits you best.

    Explore other Information Security Courses

    Information Security Risk Management

    Risk taxonomy with FAIR framework (coming soon)

    Security Awareness

    Cybersecurity Fundamentals

    (coming soon)

    Cybersecurity for executives

    (coming soon)

    ISAP implementer

    (coming soon)

    Not sure which is the right course for you?

    Let us help you choose a course that best suits your career needs.