Take a hands-on approach to learning about information risk management, in the context of current standards including the ISO 27000 series.
Who is it for?
Anyone who is involved in the areas of information security and information assurance.
There are no formal entry requirements however, the candidate will require an understanding of information assurance. It is recommended that candidates attend an accredited training course.
What will I learn?
Candidates should be able to demonstrate:
- How the management of information risk will bring about significant business benefits.
- How to explain and make full use of information risk management terminology.
- How to conduct threat and vulnerability assessments, business impact analyses and risk assessments.
- The principles of controls and risk treatment.
- How to present the results in a format which will form the basis of a risk treatment plan.
- The use of information classification schemes.