ISO/IEC 27005 Lead Risk Manager

Why attend

• Put risk management at the centre of your information security programme
• Detect, treat, and prevent information security risk with a repeatable framework
• Work across recognised methods — OCTAVE, EBIOS, MEHARI, CRAMM, NIST, and the Harmonized TRA
• Align risk practice with ISO/IEC 27005 and ISO/IEC 27001

Who should attend

• Managers and consultants involved in information security
• People responsible for managing information security risk
• ISMS professionals, risk owners, and privacy officers
• Project managers and expert advisers in information security risk management

What you'll learn

• Explain risk management concepts and principles per ISO/IEC 27005 and ISO 31000
• Establish, maintain, and continually improve an ISRM framework to ISO/IEC 27005
• Apply the ISRM process based on ISO/IEC 27005
• Plan and run risk communication and consultation
• Record, report, monitor, and review the ISRM process and framework

Our approach

• Grounds the best practices in real-life situations
• Uses essay-style, case-based exercises
• Includes scenario-based multiple-choice quizzes
• Encourages discussion between participants and mirrors the exam format

Prerequisites

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of risk management and information security.

Course agenda

Examination

The exam spans six competency domains, from ISRM principles and programme implementation through risk assessment, treatment, monitoring, and assessment methodologies.

Certification

• Leads to the PECB Certified ISO/IEC 27005 Lead Risk Manager credential
• Earned by passing the exam, signing the PECB Code of Ethics, and meeting the experience requirement for your tier
• Includes one free exam retake within 12 months