Training: ISO/IEC 27005 Risk Manager

Ref. ISO-27005RM


The three-day intensive “ISO/IEC 27005 Risk Manager” course provides the best methods for conducting a risk analysis project and implementing a risk management programme based on ISO/IEC 27005.

This course prepares participants for the Risk Manager ISO 27005: 2022 exam.

Participant profiles

  • Information Security risk managers
  • Information Security team members
  • Individuals responsible for Information Security, compliance, and risk within an organization
  • Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
  • IT consultants
  • IT professionals
  • Information Security officers
  • Privacy officers


  • Acknowledge the correlation between Information Security risk management and security controls
  • Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence to effectively advise organizations in Information Security Risk Management best practices


  • Prior knowledge of ISO/IEC 27001: 2022, ISO/IEC 27002: 2022 and ISO/IEC 27005: 2022 is recommended
  • Knowledge of audit techniques

Course content

Day 1

  • Concepts and definition of risk
  • The normative framework
  • Implementing a risk management programme
  • Setting the context

Day 2

  • Risk identification
  • Risk analysis
  • Risk evaluation
  • Risk assessment with a quantitative method
  • Risk treatment
  • Information security risk acceptance

Day 3

  • Introduction to the CRAMM method
  • Introduction to the EBIOS method
  • Introduction to the MEHARI method
  • Introduction to the OCTAVE method
  • Introduction to the Microsoft Security Risk Management method
  • Passing the Risk Manager ISO/IEC 27005: 2022 exam


  • Digital courseware included

Lab / Exercises

  • One case study and a workbook


  • This course prepares you for the ISO/IEC 27005 Risk Manager exam included in the course price
  • The exam will take place on the afternoon of the last day of the course and lasts 2h30

Complementary courses

Temptraining funding

ITTA is a partner of Temptraining, the continuing education fund for temporary workers. This training fund can subsidize continuing education for anyone who works for an employer subject to the Collective Work Agreement (CCT) Rental of services.
Registration price
CHF 3'700.-

  • Mon 24 Apr, 09:00 to Wed 26 Apr, 17:00. Lausanne, Avenue Mon repos 24, 1005 Lausanne. Session tags: ISO-27005RM

  • Mon 24 Apr, 09:00 to Wed 26 Apr, 17:00. Virtual. Session tags: ISO-27005RM

  • Mon 5 Jun, 09:00 to Wed 7 Jun, 17:00. Genève, Route des Jeunes 33B, 1227 Carouge. Session tags: ISO-27005RM

  • Mon 5 Jun, 09:00 to Wed 7 Jun, 17:00. Virtual. Session tags: ISO-27005RM

Opening hours

Monday to Friday, from 8:30 am to 06:00 pm.
