Course Overview

The modern organization is faced with increasing volatility, uncertainty, complexity, and ambiguity. PRINCE2® Risk Management Practitioner helps you and your organization identify, assess, and control risk at the strategic, programme, project, and operational levels.

The PRINCE2® Risk Management guidance shows you how the principles, processes, and techniques can be embedded, reviewed, and applied to your work practices by considering the nature of the objectives at risk. It allows you to make informed, effective decisions about the use of resources and initiating change.

The Practitioner certification allows you to demonstrate you have an understanding of how to apply and tailor PRINCE2® Risk Management Practitioner in a practical context. You will be able to start applying a PRINCE2® Risk Management Practitioner approach to organizational challenges to enable the creation and protection of value.

Course Objectives

After you complete this course you should have a better understanding of the advantages of risk management within an organisation, including:

  • Increased visibility and better management of unplanned threats and opportunities
  • Improved service delivery
  • Reduction in waste and fraud
  • Increased value for money
  • More effective management of change
  • More efficient use of resources
  • Improved decision making
  • Innovation
  • Management of contingent and maintenance activities

Course Content

Day One

  • Introductions
  • PRINCE2® Risk Management Overview
  • Definitions
  • Challenges of PRINCE2® Risk Management (12 D’s)
  • Principles of PRINCE2® Risk Management
  • People Considerations and PRINCE2® Risk Management
  • Perspectives of PRINCE2® Risk Management

Day Two

  • Recap
  • Perspectives of PRINCE2® Risk Management
  • PRINCE2® Risk Management Processes

Day Three

  • Recap
  • PRINCE2® Risk Management Processes
  • Implementing PRINCE2® Risk Management
  • Value of PRINCE2® Risk Management
  • Exam Preparation
  • Round-up

Course Overview

ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and manage Information Security risks in a timely manner.

Course Objectives

  • Acknowledge the correlation between Information Security risk management and security controls
  • Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence to effectively advise organizations in Information Security Risk Management best practices

Course Content

  • Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management programme
  • Day 2: Information security risk assessment, risk treatment and acceptance as specified in ISO/IEC 27005
  • Day 3: Risk communication, consultation, monitoring, review and risk assessment methods

Course Overview

ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also provide a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Course Objectives

  • Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005
  • Acknowledge the correlation between Information Security risk management and security controls
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices
  • Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program

Course Content

  • Day 1: Introduction to ISO/IEC 27005, concepts and implementation of a risk management program
  • Day 2: Risk identification, evaluation, and treatment as specified in ISO/IEC 27005
  • Day 3: Information Security risk acceptance, communication, consultation, monitoring and review
  • Day 4: Risk assessment methodologies
  • Day 5: Certification Exam 

Course Overview

By attending this 2-day ISO/IEC 27005 Foundation training course, participants will learn more about the structure of the standard including information security risk assessment, treatment, acceptance, communication and consultation, and monitoring and review. They will also gain basic knowledge related to information security risk management based on other standards such as ISO/IEC 27001 and ISO 31000.

After attending the training course, you can sit for the exam and, if you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation certificate shows that you have knowledge of the fundamental concepts, principles, methodologies, processes, and management approaches used in information security risk management.

Course Objectives

  • Understand the basic concepts of information security risk management
  • Acknowledge the correlation between ISO/IEC 27005, ISO 31000, ISO/IEC 27001, and other standards and regulatory frameworks
  • Understand the approaches, methods, and techniques used for the management of information security risks

Course Content

  • Day 1: Introduction to fundamental concepts of information security risk management and ISO/IEC 27005
  • Day 2: Information security risk management and certification exam

Course Overview

The PECB ISO/IEC 27001 Lead Auditor training course is designed to prepare you to audit an information security management system (ISMS) based on ISO/IEC 27001. During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and the ISO/IEC 17021-1 certification process.

The training content is comprised of practical exercises and case studies which bring you real-world expertise that you can apply to your day-to-day operations and activities. Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

Our training courses are all-inclusive, meaning that they cover everything you need in order to get the certificate. After acquiring the necessary expertise to perform an audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

Apart from showcasing what the ISO/IEC 27001 standard tells you to do, this training course tells you how to do it, through various activities, exercises, case studies, multiple-choice standalone quizzes, and scenario-based quizzes. These will allow you to test your knowledge about the implementation process steps.

Course Objectives

After completing this course you should be able to:

  • Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
  • Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
  • Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
  • Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
  • Manage an ISO/IEC 27001 audit program

Course Content

Day 1: Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001 

  • Training Course Objectives and Structure
  • Standards and Regulatory Frameworks
  • Certification Process
  • Fundamental concepts and principles of information security
  • Information security management system (ISMS)

Day 2: Audit principles, preparation and launching of an audit

  • Fundamental audit concepts and principles
  • The impact of trends and technology in auditing
  • Evidence-based auditing
  • Risk-based auditing
  • Initiation of the audit process
  • Stage 1 audit

Day 3: On-site audit activities

  • Preparing for stage 2 audit
  • Stage 2 audit
  • Communication during the audit
  • Audit procedures
  • Creating audit test plans

Day 4: Closing the audit

  • Drafting audit findings and nonconformity reports
  • Audit documentation and quality review
  • Closing of the audit
  • Evaluation of action plans by the auditor
  • Beyond the initial audit
  • Managing an internal audit program
  • Closing of the training course

Course Overview

The ISO 31000 Risk Manager training course helps participants acquire the knowledge and ability necessary to integrate the risk management guidelines of ISO 31000 in an organization. It provides information with regard to the risk management principles and their application, as well as the core elements of the risk management framework and steps for a risk management process. In addition, it provides the basic approaches, methods, and practices for assessing risk in a wide range of situations.

Upon completion of the training course, you can sit for the exam and apply to obtain the “PECB Certified ISO 31000 Risk Manager” credential. The credential demonstrates your knowledge and ability to apply the risk management process in an organization based on the guidelines of ISO 31000 and best practices.

Course Objectives

  • Understand the risk management concepts, approaches, methods, and techniques 
  • Learn how to establish a risk management framework in the context of an organization 
  • Learn how to apply the ISO 31000 risk management process in an organization
  • Understand the basic approaches, methods, and practices used to integrate risk management in an organization

Course Content

  • Day 1: Introduction to ISO 31000 and risk management and establishing the risk management framework
  • Day 2: Initiation of the risk management process and risk assessment based on ISO 31000
  • Day 3: Risk treatment, recording and reporting, monitoring and review, and communication and consultation according to ISO 31000

Course Overview

The ISO 31000 Lead Risk Manager training course helps participants develop their competences to support an organization in creating and protecting value by managing risks, making decisions, and improving performance using the ISO 31000 guidelines. It provides information regarding the core elements and the effective implementation of a risk management framework, the application of the risk management process, and the actions necessary for the successful integration of these elements to meet organizational objectives. Furthermore, it provides guidance on the selection and application of techniques for assessing risks in a wide range of situations.

Upon completion of the training course, participants can sit for the exam and apply to obtain the “PECB Certified ISO 31000 Lead Risk Manager” credential. The credential demonstrates that the participant possesses the theoretical and practical knowledge and professional capabilities to support and lead risk management processes based on ISO 31000 guidelines and best practices in this field.

Course Objectives

  • Understand the risk management concepts, approaches, methods, and techniques
  • Learn how to interpret the ISO 31000 principles and framework in the context of an organization
  • Learn how to apply the ISO 31000 risk management process in an organization
  • Learn how to establish a risk recording and reporting process and an effective risk communication plan
  • Develop the ability to effectively manage, monitor, and review risk in an organization based on best practices

Course Content

  • Day 1: Introduction to ISO 31000 and risk management
  • Day 2: Establishing the risk management framework and initiating the risk management process
  • Day 3: Risk analysis, risk evaluation, and risk treatment according to ISO 31000
  • Day 4: Recording and reporting, monitoring and review, and communication and consultation according to ISO 31000
  • Day 5: Certification exam

Course Overview

The ISO 31000 Foundation training course presents the basic principles and approaches of managing risks and opportunities based on the guidelines of ISO 31000. This training course focuses on the main components of ISO 31000: basic terms and definitions, principles of risk management, risk management framework, and risk management process. In addition, each step of the risk management process is analyzed and elaborated individually.

Upon completion of the training course, you can sit for the exam and apply to obtain the “PECB Certified ISO 31000 Foundation” credential. The credential demonstrates that you understand the fundamental concepts and methodologies for risk management, based on the guidelines of ISO 31000.

Target Audience

  • Individuals involved in risk management 
  • Individuals seeking to gain knowledge of risk management principles, framework, and process
  • Individuals seeking to manage the risks and opportunities in their areas of responsibility
  • Individuals interested in pursuing a career in risk management

Course Objectives

  • Get acquainted with the concepts and principles of ISO 31000
  • Understand the guidelines of ISO 31000 for risk management
  • Understand the basic approaches, methods, and practices that can be used for the integration of risk management in an organization

Course Overview

ISO/IEC 27002 Foundation training enables you to learn the basic elements to implement Information Security Controls as specified in ISO/IEC 27002. During this training course, you will be able to understand how ISO/IEC 27001 and ISO/IEC 27002 are related to ISO/IEC 27003 (Guidelines for the implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

After completing this course, you can sit for the exam and apply for the “PECB Certificate Holder in ISO/IEC 27002 Foundation” certificate. A PECB Foundation Certificate shows that you have understood the fundamental methodologies and management approach.

Target Audience

  • Individuals interested in Information Security Management and Information Security Controls
  • Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls
  • Individuals interested in pursuing a career in Information Security Management

Course Objectives

  • Understand the implementation of Information Security Controls in accordance with ISO/IEC 27002
  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
  • Understand the approaches, methods and techniques used for the implementation of Information Security Controls

Course Overview

Information is crucial for the continuity and proper functioning of both individual organizations and the economies they fuel; this information must be protected against access by unauthorized people, protected against accidental or malicious modification or destruction and must be available when it is needed.

This module, Information Security Management Professional based on ISO/IEC 27001, tests understanding of the organizational, physical and technical aspects of information security.

Course Objectives

  • Perspectives in Information Security: Business, Customer, Service Provider/Supplier (10%).
  • Risk Management: Analysis, Controls, Remaining Risks (30%).
  • Information Security Controls: Organizational, Technical, Physical (60%).

Course Content

  • Information security perspectives: the perspectives of the business, the customer, and the service provider
  • Risk Management: Analysis of the risks, choosing controls, dealing with remaining risks
  • Information security controls: Organizational, technical and physical controls