(5-Day course)
Course summary
The Practitioner Certificate in Information Risk Management (PCiIRM) provides security practitioners with a comprehensive and highly practical course enabling them to develop a business focused information security and governance risk strategy. It closely follows the approaches recommended in the ISO 17799, ISO 27001 and BS 7799-3 standards. The five-day course prepares delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination.
Agenda
- Concepts and importance of information risk management
- The information risk management environment
- Stages of information risk management
- Addressing risks and implementing appropriate controls
- Information classification schemes
Practical exercises include:
- scoping and conducting risk assessments including business impact and threat assessment
- calculating and presenting risks
- producing risk reports and risk treatment plans
- planning and documenting an internal audit of the information security management system
- producing an information classification scheme.
Objectives
On completion of this course delegates will be able to:
- develop an information risk management strategy
- conduct threat vulnerability and likelihood assessments, business impact analyses and risk assessments
- explain how the management of information risk will bring about significant business benefits
- explain and make full use of information risk management terminology
- explain the principles of controls and risk treatment
- present results of the risk assessment in a format which will form the basis of a risk treatment plan
- explain and produce information classification schemes
- confidently sit the ISEB PCIRM examination.
Pre-requisites
Candidates should ideally have one to two years' experience in information security and are looking to get increasingly involved in the risk management process within their organization. An awareness of information security standards such as ISO 17799, and ISO 27001 would be beneficial, as would attendance on the Certificate in Information Security Management Principles course.
Who should attend?
- Information security and governance practitioners
- internal IT auditors
- staff from within compliance and operational risk functions
- IT managers and senior staff
- project managers and others responsible for designing security in to information systems.
Price: £1815 + VAT
Please note all bookings for this course must be received 14 days prior to the start date of the course to enable the candidate to register for the examination. Any booking received less than 14 days before the start date of the course will not be able to sit the course.
