ISEB Practitioner Certificate in Information Risk Management


Aikona

Description


Special Notices

***Due to the registration requirements of ISEB, bookings for this course must be made at least 10 working days prior to the event start date.***

Overview

This course covers the BCS/ISEB Practitioner Certificate in Information Risk Management for information systems and closely follows the approaches recommended in the ISO 27001 and ISO 27005 Standards.

The course will enable delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination, which is taken on the last afternoon of the course.

Prerequisites

Candidates should ideally have at least 2 years’ experience in information security and risk management. An understanding of information security Standards such as ISO 27001, ISO 27002 and ISO 27005 would be beneficial as would attendance on the Certificate in Information Security Management Principles course (or similar). If delegates are uncertain about whether they meet course pre-requisites, they should contact the Training Manager at URM.

Delegates will learn how to

  • Conduct a risk analysis including business impact analyses and vulnerability assessments
  • Explain how the management of information risk will bring about business benefits
  • Explain and make full use of information risk management terminology
  • Explain the importance of control selection and risk treatment
  • Evaluate risks and present the results in a way which will form the basis of a risk treatment plan

Course Outline

Concepts & importance of information risk management

  • The need for risk management
  • The context of risk in the business
  • Review of information security fundamentals
  • The use of international information risk management standards, e.g. ISO/IEC 27001, ISO 27005

The information risk management environment

  • Developing an information risk management strategy
  • Information risk assessment, risk treatment and risk management
  • Assets
  • Information risk management terminology

Stages of information risk management

  • Setting the scope
  • Business impact analyses
  • Threats, vulnerabilities and likelihood assessments
  • Risk determination
  • Risk management controls

Action and implementation

  • Information risk management methodologies
  • Reporting and presentation
  • Decision making
  • Risk treatment
  • Risk monitoring

Information classification schemes

  • Classification process
  • Classification issues
  • Typical classification schemes

Practical exercises

  • Why conduct a risk assessment?
  • Scoping a risk assessment
  • Conducting a Business Impact Analysis
  • Vulnerability and threat identification
  • Categorisation of threats
  • Assessing threat likelihood
  • Assessing vulnerability of assets to threats
  • Risk calculation
  • Produce recommendations for risk treatment
  • Producing a report for management
  • Different risk appetites
  • Producing a risk treatment plan
  • Risks in Outsourcing

After taking the course, delegates will be able to sit a formal 3-hour examination set by BCS ISEB. The examination will comprise:

Section 1:

10 multiple choice questions

6 short answer questions

Section 2:

3 scenario-based, essay-style questions.

Students will need to obtain a pass mark of at least 65% in Section 1 and an overall pass mark of 65% or more to pass the examination.

This course covers the BCS/ISEB Practitioner Certificate in Information Risk Management for information systems and closely follows the approaches recommended in the ISO/IEC 27001 and BS 7799-3 Standards.


QA reserves the right to improve the specification and format of its courses for the benefit of its customers without notice to the customer.
