ISO/IEC 27005 Information Security Risk Manager Workshop - 2020

@ IT Governance and Risk Consulting - ITGRC

Information security is a risk issue that needs to be addressed and managed within the organisation's risk management strategy. With the increasing number of internal and external information security threats, organizations recognize the importance of adopting a formal risk management programme. Without a sound framework to identify, analyse and manage information security risks, it is difficult for organizations to prioritize their security remediation efforts, resource allocation and associated costs. This leaves organizations more susceptible to security breaches, which can lead to financial and reputational damage. Building on the concepts and framework specified in ISO/IEC 27001, ISO/IEC 27005:2018 provides guidelines for adopting an information security risk management approach that is appropriate to all organizations.

By participating in this two-day course, students will gain information security and risk management skills, along with practical guidance on the framework and steps involved in identifying, analysing and managing information security risks. The course will help you review your existing risk treatments and controls and ensure they are appropriate to manage and reduce the identified risks within your ISMS. This will give you the confidence to allocate resources as effectively as possible to address information security issues in your organization.

Learning Objectives

  • Acknowledge the correlation between Information Security risk management and security controls
  • Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005:2018
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence to effectively advise organizations in Information Security Risk Management best practices


  • None. However, it is desirable that participants have knowledge of the ISO 27001:2013 standard

Who should attend?

  • Chief Information Security Officers (CISOs)
  • Information Security Risk Managers
  • Information Security Team Members
  • Individuals responsible for Information Security, compliance, and risk within an organization
  • Individuals implementing ISO/IEC 27001, or involved in a risk management program
  • Security Consultants
  • IT Professionals
  • Information Security Officers
  • Privacy Officers
  • Compliance Officers
  • ISMS Auditors

What is included in the package?

  • Lunch and Refreshments
  • High Quality Study Guide
  • Risk Assessment Template
  • Practical Exercise with role playing and discussions
  • Pre Course Material and Videos
  • IGC (Global Independent exam body) ISO 27005 Risk Manager examination


  • Option 1 - LKR.28,000 (Course Only)
  • Option 2 - LKR.65,000 (Course + IGC Exam)


2 Days

Course Fee

Option 1 - LKR.28,000 (Course Only) | Option 2 - LKR.65,000 (Course + IGC Exam)

Course Level





Computer Security

Contact Details

+94 11 2 825177, +94 77 7372697

No 11/24, 1/1 Melder Place, Nugegoda
