ISO/IEC 27005 Risk Manager Training | Security Expert Group

ISO/IEC 27005 Risk Manager

Explore the ISO/IEC 27005
Risk Manager certification

Understand the process of developing, establishing, maintaining, and improving an information
security risk management framework based on the guidelines of ISO/IEC 27005.

Key features & benefits

Training delivery options

• Classroom
• Live online
• eLearning
• Self-study

Course inclusions

• Digital access to training materials via KATE
• Over 350 pages of information and practical examples
• Certification exam
• Free exam retake within 12 months (in case of failure)
• Attestation of course completion worth 21 CPD (continuing professional development) credits

Course outline

Select a lesson to explore detailed content:

Day 1
Introduction to ISO/IEC 27005 and risk management

Training course objectives and structure
Standards and regulatory frameworks
Fundamental concepts and principles of information security risk management
Information security risk management program
Context establishment

Day 2
Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005

Risk identification
Risk analysis
Risk evaluation
Risk treatment
Information security risk communication and consultation

Day 3
Risk recording and reporting, monitoring and review, and risk assessment methods

Information security risk recording and reporting
Information security risk monitoring and review
OCTAVE and MEHARI methodologies
EBIOS method and NIST framework
CRAMM and TRA methods
Closing of the training course

Our partners & vendors

Ready to grow your cybersecurity career?

Get personalized guidance, explore your learning path, and start moving toward certification success.

Book a consultation

Prerequisite courses & knowledge

Core knowledge

Fundamental understanding of ISO/IEC 27005

Comprehensive knowledge of information security

Certification requirements

Two years of professional experience (one year of work experience in information security risk management)

A total of 200 hours of Information security risk management activities

Training & register details

TRAINING OVERVIEW

ISO/IEC 27005
Risk Manager

Understand the process of developing, establishing, maintaining, and improving an information security risk management framework based on the guidelines of ISO/IEC 27005

Book a consultation

HOW TO REGISTER

1. Submit your application

Submit a quick application to let us know you’re interested in the course.

2. Intro call

We’ll schedule a short call to learn more about your goals and expectations.

3. Confirm your spot

Get accepted and complete the paperwork. We’ll send you all the info you need.

4. Start learning

Access your learning platform and get familiar with the materials.

5. Join the community

Get access to the student chat, events, and mentorship opportunities.

Who is ISO/IEC 27002 Risk Manager for?

Security managers

Managers or consultants involved in or responsible for information security in an organization.

Risk professionals

Individuals responsible for managing information security risks and maintaining conformity with ISO/IEC 27001 requirements.

IT & security teams

Members of information security teams, IT professionals, and privacy officers.

Project managers

Project managers, consultants, or expert advisers seeking to master the management of information security risks.

FAQ

What is the ISO/IEC 27005 Risk Manager certification?

The PECB ISO/IEC 27005 Risk Manager certification demonstrates that you comprehend the concepts and principles of information security risk management and can evaluate, analyze, and treat IT risks.

What does the certification exam cover?

The exam covers four main competency domains:

Domain 1: Fundamental principles and concepts of information security risk management
Domain 2: Implementation of an information security risk management program
Domain 3: Information security risk management framework and processes based on ISO/IEC 27005
Domain 4: Other information security risk assessment methods

Who should take the ISO/IEC 27005 Risk Manager course?

This training is intended for managers or consultants responsible for information security, individuals managing IT risks, members of information security teams, privacy officers, and project managers seeking to master information security risks.

What are the prerequisites for this course and certification?

To attend, you need a fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of information security. To apply for the certification after passing the exam, you need two years of professional experience (including one year in information security risk management) and a total of 200 hours of related risk management activities.

How is the training delivered?

The training is a 3-day program. Participants will be provided with over 350 pages of training materials containing valuable information and practical examples.

What happens if I don't pass the exam on the first try?

Candidates who have completed the training course but failed the exam are eligible to retake it once for free within a 12-month period from the initial date of the exam.

Is passing the exam sufficient to become certified? How to apply for certification?

No, passing the exam is only the first step. After successfully completing the exam, you can apply for the credential once you demonstrate your prerequisite professional experience (two years) and 200 hours of information security risk management activities.

How is the examination proceeding?

The “PECB Certified ISO/IEC 27005 Risk Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP) and evaluates your knowledge and skills in information security risk management.

How to maintain your certification?

To maintain your PECB certification, you are required to demonstrate continuous professional development by earning CPD (Continuing Professional Development) credits and paying an annual maintenance fee to PECB.

Start your journey with us

Ready to grow your skills or start a new career in cybersecurity?

Leave your contact details, and our experts will get back to you shortly — whether you need help choosing the right course or certification program, or want details about enrollment and schedules.

Full name

Select your interest

Phone number

Message

Email address

Preferred contact method

By clicking "Request a consultation", you consent to the processing of your personal data in line with our Privacy Policy.

Full Name

Phone Number

Email Address

Preferred Contact Method

Select Your Interest

Message

By clicking "Request a Consultation", you consent to the processing of your personal data in line with our Privacy Policy.