Information Security Risk Training Courses

Information Security Risk Course Outlines

Code Name Duration Overview
Code: pcirm
Name: PCIRM - Practitioner Certificate in Information Risk Management
Duration: 35 hours
Overview:

Description:
The Practitioner Certificate in Information Risk Management (PCIRM) provides security practitioners with a comprehensive and highly practical course enabling them to develop a business-focused information security and governance risk strategy. It closely follows the approaches recommended in the ISO 27001 and ISO 27005 standards. The five-day course prepares delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination.

Target Audience:
- Information security and governance practitioners
- Internal IT auditors
- Staff from within compliance and operational risk functions
- IT managers and senior staff
- Project managers and others responsible for designing security into information systems

Objectives:
On completion of this course delegates will be able to:
- develop an information risk management strategy
- conduct threat, vulnerability and likelihood assessments, business impact analyses and risk assessments
- explain how the management of information risk will bring about significant business benefits
- explain and make full use of information risk management terminology
- explain the principles of controls and risk treatment
- present results of the risk assessment in a format which will form the basis of a risk treatment plan
- explain and produce information classification schemes
- confidently sit the ISEB examination

1. The concepts and framework of information risk management
In this section of the syllabus, delegates will explore the overall concept of risk management and how it is used in the context of information risk.
1.1 The need for information risk management
1.2 The context of risk in the organisation

2. Information risk management fundamentals
This section of the syllabus examines the information risk management environment and terminology in greater detail.
2.1 Review of information security fundamentals
2.2 The use of information risk management standards and good practice guides
2.3 The process of information risk management
2.4 Terms and definitions

3. Establishing an information risk management programme
This section of the syllabus examines the requirements for an information risk management programme, the strategic nature of its approach and the need for information classification.
3.1 The information risk management programme requirements
3.2 Development of the strategic approach to information risk management
3.3 Information classification

4. Risk identification
This section of the syllabus examines the first part of the information risk management programme, and deals in greater detail with the identification of information risk.
4.1 Identification of assets
4.2 Business impact analysis
4.3 Threat and vulnerability assessment

5. Risk assessment
This section of the syllabus deals with how risks are analysed and evaluated, how the results are recorded and prioritised and how appropriate controls may be selected.
5.1 Risk analysis
5.2 Risk evaluation
5.3 Options for risk management control

6. Risk treatment
This section of the syllabus covers the process for reporting and presenting the results of the risk assessment process and for gaining senior management approval to apply the appropriate controls.
6.1 Risk reporting and presentation
6.2 Business cases
6.3 Risk treatment plans

7. Monitor and review
7.1 Information risk monitoring
7.2 Information risk review

Code: pcbc
Name: PCBC - Practitioner Certificate in Business Continuity Management
Duration: 35 hours
Overview:

Description:
This is a 'Practitioner' course and leans heavily on practical exercises designed to reinforce the concepts being taught and to build the delegates' confidence in implementing business continuity management. The course is also designed to encourage debate, and the sharing of knowledge and experience between students. Delegates will benefit from the practical and extensive experience of our trainers, who are practising business continuity management and ISO 22301:2012 specialists.

Delegates will learn how to:
- Explain the need for business continuity management (BCM) in all organisations
- Define the business continuity lifecycle
- Conduct business continuity programme management
- Understand their organisation sufficiently to identify mission-critical impact areas
- Determine their organisation's business continuity strategy
- Establish a business continuity response
- Exercise, maintain and review plans
- Embed business continuity in an organisation
- Define terms and definitions appropriate to business continuity

By the end of the course, delegates will have a detailed understanding of all the key components of business continuity management and be able to return to their work, making a significant contribution to the business continuity management process.

1. Introduction to Business Continuity Management
This section of the module provides a basic introduction to the discipline of business continuity management, describes how it should fit in with the overall strategy of a business, and provides a brief overview of risk management.
1.1 The need for Business Continuity Management
1.2 The context of Business Continuity Management in the business
1.3 Leadership and senior management commitment to Business Continuity
1.4 Review of Risk Management Fundamentals
1.5 The Business Continuity Institute’s Lifecycle

2. BC Policy and Programme Management
This section of the module describes both the initial stages and the requirements for the ongoing management of the business continuity management programme.
2.1 Initial activities
2.2 Implementing the BC Programme
2.3 Supply Chain Continuity
2.4 Documentation

3. Understanding the Organisation (Analysis) – 10 hours
This section of the module describes how the business continuity manager sets about understanding the organisation and initiates the overall business continuity management programme.
3.1 Identification of Business–Critical Areas
3.2 Terminology
3.3 Business Impact Analysis
3.4 Continuity Requirements Analysis
3.5 Threat and Vulnerability Assessments
3.6 Horizon Scanning
3.7 Risk Assessment
3.8 Evaluation of Options
3.9 Business Cases and Programme Sign-Off

4. Determining the Business Continuity strategy (Design)
This section of the module describes how the organisation develops an overall business continuity strategy.
4.1 Strategic Options
4.2 People
4.3 Premises
4.4 Processes and Procedures
4.5 Technology
4.6 Information
4.7 Supply Chain
4.8 Stakeholders
4.9 Civil Emergencies

5. Business Continuity Response (Implementation) – 6 hours
This section of the module describes how the organisation develops and implements the Business Continuity response.
5.1 Overall Incident Response Structure
5.2 Types of Plan
5.3 Incident Management Plans
5.4 Business Continuity Plans
5.5 Disaster Recovery Plans
5.6 Business Resumption Plans

6. Exercising, maintenance and review (Validation) – 4 hours
This section of the module describes the overall Business Continuity exercising, maintenance and review programme.
6.1 Exercising and Testing of Plans
6.2 Maintenance of Plans
6.3 Review of Plans

7. Embedding Business Continuity Awareness in the Organisation – 3 hours
This section of the module describes how Business Continuity awareness should be embedded into the organisation.
7.1 Overall Awareness
7.2 Skills Training

8. Annexes
This section of the module describes the overall Business Continuity Management programme.
8.1 Glossary of Terms and Definitions
8.2 References

Code: crisc
Name: CRISC - Certified in Risk and Information Systems Control
Duration: 21 hours
Overview:

Description:
This class is intended as intense and hard-core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The five (5) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CRISC Review Manual and Question, Answer and Explanation (Q,A&E) supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions and the type of answers ISACA is looking for, and it helps rapid memory assimilation of the material.

The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction.

Objectives:
- To help you pass the CRISC examination first time
- Possessing this certification will signify your commitment to serving an enterprise with distinction
- The growing demand for professionals with risk and control skills will allow holders of this certification to command better positions and salary

You will learn:
- To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls
- The technical skills and practices that CRISC promotes; these are the building blocks of success in the field

Domains:
- Risk Identification, Assessment and Evaluation
- Risk Response
- Risk Monitoring
- Information Systems Control Design and Implementation
- IS Control Monitoring and Maintenance

Code: iso27005
Name: Building up information security according to ISO 27005
Duration: 21 hours
Overview:

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

1. Introduction to risk management
2. Risk assessment methodologies
3. The ISO 27005 information security risk management framework and process model
4. Classification and identification of information assets
5. Definition of threats to information assets
6. Identification of the vulnerabilities these threats might exploit
7. Risk analysis: risk scoring using scales and simple calculations
8. An introduction to risk analysis tools
9. Risk evaluation and acceptance strategies
10. Risk treatment and the selection of mitigating control measures
11. Review and continual improvement of risk assessment and management
12. Risk communications and consultation
13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS
