Course

Skills Expanded

Implementing and Performing Risk Management with ISO/IEC 27005

by Taylor Jones

Everything you do in information security is related to risk, and no matter your discipline, sharpening your ISRM skills will increase your value. This course will arm you with a practical risk framework and approach to prioritize and address risk.

Preview this course

Try for free

Get this course plus top-rated picks in tech skills and other popular topics.

$45.00

per month after 10 day trial

Your 10 day Premium free trial includes

Expanded library

This course and over 7,000+ additional courses from our full course library.

Hands-on library

Practice and apply knowledge faster in real-world scenarios with projects and interactive courses.

*Available on Premium only

For teams

Give up to 50 users access to our full library including this course free for 30 days

Course info

Rating

(14)

Level

Intermediate

Updated

Mar 19, 2024

Duration

2h 14m

What you'll learn

Information security is a broad discipline, and security teams are increasingly strapped for time and resources. In this course, Implementing and Performing Risk Management with ISO/IEC 27005, you will find a practical framework to prioritize and orchestrate a comprehensive information security risk framework. First, you will learn about the internationally accepted risk management standard ISO/IEC 27005. Next, you will arm yourself with skills to establish the business risk context, assess business risks, and perform risk treatment. Finally, you will be equipped with meaningful approaches to effectively communicate and monitor your organization's risk. When you're finished with this course, you will have the knowledge and blueprint to coordinate a widely accepted framework and to bolster your organization's information security program.

Course Overview

1min

Course Overview 2m

Overview of ISO/IEC 27005:2018

24mins

Establishing the ISRM Context

24mins

Establishing the ISRM Context 5m
Evaluating the Internal and External Risk Context 4m
Defining the ISRM Organization and Approach 3m
Creating and Implementing Basic Risk Criteria 6m
Identifying ISRM Scope and Boundaries 2m
Demo 5m

ISRM: Identifying and Assessing Risk

44mins

Evaluating Risk Assessment 4m
Identifying and Reviewing Risk 1m
Identifying and Reviewing Business Assets 5m
Evaluating Threats to Assets and Business Processes 6m
Identifying and Evaluating Existing Controls 4m
Identifying and Assessing Vulnerabilities 4m
Creating Incident Scenarios and Identifying Consequences 4m
Conducting Risk Analysis 3m
Analyzing Risk Consequences 4m
Analyzing Risk Likelihood 2m
Analyzing and Determining the Level of Risk 2m
Conducting Risk Evaluation and Prioritization 4m
Demo 3m

ISRM: Evaluating Risk Treatment Options

20mins

Evaluating Risk Treatment 5m
Evaluating Risk Modification 4m
Evaluating Risk Retention 1m
Evaluating Risk Avoidance 1m
Evaluating Risk Sharing 2m
Evaluating Risk Acceptance 2m
Demo 4m

ISRM: Communicating, Monitoring, and Reviewing Risk

20mins

Conducting Risk Communication and Monitoring 3m
Evaluating and Conducting Risk Communication 5m
Monitoring and Reviewing Risk Factors 4m
Monitoring and Improving the ISRM Program 3m
Demo 5m

About the author

Taylor Jones

Taylor Jones is a Data Security Officer and security enthusiast/evangelist who loves to teach. His primary focus is helping everyday business leaders and users jettison fear, uncertainty, and doubt (FUD) as they work toward identifying and addressing their security risks. Leaning heavily on the fundamentals and time-tested best practices, Taylor is passionate about overcoming modern security challenges through meaningful solutions that reduce complexity and provide measurable risk reduction. He ... more

See more courses by Taylor Jones

Try for free

Get this course plus top-rated picks in tech skills and other popular topics.

$45.00

per month after 10 day trial

Your 10 day Premium free trial includes

Expanded library

This course and over 7,000+ additional courses from our full course library.

Hands-on library

Practice and apply knowledge faster in real-world scenarios with projects and interactive courses.

*Available on Premium only

For teams

Give up to 50 users access to our full library including this course free for 30 days

Course info

Rating

(14)

Level

Intermediate

Updated

Mar 19, 2024

Duration

2h 14m

Ready to upskill? Get started

Contact Sales

Implementing and Performing Risk Management with ISO/IEC 27005

What you'll learn

Table of contents

About the author

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Contact Sales

Implementing and Performing Risk Management with ISO/IEC 27005

What you'll learn

Table of contents

About the author

Get access now

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Ready to skill up
your entire team?

Ready to skill up
your entire team?