Live online training via webinar
Risk Management Part 1: Risk assessment methodology and risk assessment process
Why is risk assessment important?
Risk assessment has a central role in information security management. Since ISO 27001 is mainly focused on preventing security incidents, it requires this kind of analysis to be performed in order to define which security measures (controls) are to be implemented to control those risks.
The complexity of information security makes it impossible to know all the risks by heart. Therefore, without a risk assessment you could find yourself in a situation where you have invested a lot of money in controls you don't really need, or where you didn't invest in controls you needed badly.
Risk assessment is the first major step in the implementation of ISO 27001, right after the ISMS Scope document and the ISMS Policy. Once the risk assessment is completed, risk treatment defines which controls are to be implemented, and only then can the implementation of information security begin.
Register for this webinar to learn:
- The requirements of ISO 27001 for risk assessment
- Where risk assessment fits in information security management and the PDCA cycle
- The purpose of Annex A
- How ISO 27005 can help you
- How to learn from security incidents
- Where to find catalogues for threats and vulnerabilities and whether to use risk assessment tools
- The difference between quantitative and qualitative risk assessment
- How to structure a risk assessment methodology that is suited to your organization
- How to implement the risk assessment process in your organization and how to define the roles
"Dejan is clearly a subject matter expert on Risk Analysis and Risk Management. His trainings are well designed and superbly and professionally delivered using the GoToTraining platform."
Bob Chaput, CEO at Clearwater Compliance LLC
Presented by: Dejan Kosutic
Dejan Kosutic is the author of documentation toolkits and E-learning tutorials at Information Security & Business Continuity Academy. He has extensive working experience both as a tutor and as a consultant – he is an Approved Tutor for ISMS Lead Auditor courses at SGS, and delivers various ISO 27001 and ISO 22301/BS 25999-2 in-person courses throughout Europe, as well as online courses via webinars. In his consulting career, he works with clients from the financial sector, government, and small and medium-sized businesses including IT companies.
He has an MBA from Henley Management College, and is the holder of the following certificates: Certified Management Consultant, ISO/IEC 27001 Lead Auditor, Associate Business Continuity Professional, and ISO 9001 Lead Auditor.
IS&BCA live online trainings: The knowledge you can apply right away.