WA IT Advisory

Catalog 2025
WA IT AdvisoryEventspecbISO/IEC 27005 Risk Manager

ISO/IEC 27005 Risk Manager

ISO/IEC 27005 Risk Manager

  • 26 January 2026 - 28 January 2026
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisia
  • (+216) 94 882 343
join now

Training Objectives

This training provides the knowledge and practical skills needed to implement and manage an effective information security risk management process in line with ISO/IEC 27005.
By the end of the course, participants will be able to:

  • Identify, analyze and treat information security risks;
  • Establish and maintain an ISRM framework aligned with ISO 27001;
  • Integrate risk management into organizational governance and operations;
  • Prepare for the ISO 27005 Risk Manager certification exam.

Target Audience

This course is intended for:

  • Information Security Managers, CISOs and IT Managers;
  • Consultants, auditors and professionals involved in ISMS implementation;
  • Compliance and risk management officers;
  • Anyone seeking to strengthen their skills in information security risk management.

Prerequisites

Basic understanding of information security concepts and ISO 27001 is recommended.
No prior certification is required.

Training program

D1 – Fundamentals of Risk Management

Introduction to ISO 27005: principles, key concepts and terminology.

Relationship with ISO 31000 and the ISMS under ISO 27001.

Understanding context and stakeholders.

Establishing a risk management framework.

D2 – Risk Assessment and Treatment

Identification of assets, threats and vulnerabilities.

Analysis of likelihood and impact.

Determination and prioritization of risk levels.

Treatment options: mitigate, transfer, accept or avoid.

Planning and implementing risk treatment measures.

D3 – Communication, Monitoring and Continuous Improvement

  • Risk communication and consultation.
  • Monitoring and review of risk management processes.
  • Complementary methods: EBIOS, MEHARI, OCTAVE, CRAMM.
  • Practical case study: complete application of the risk management cycle.
  • Certification exam preparation.

Certification

Upon completion, participants are eligible to sit for the ISO/IEC 27005 Risk Manager certification exam.
This credential demonstrates the ability to plan, assess and continuously improve an information security risk management programme aligned with international standards.

Registration form
Contact us

Upcoming Trainings

ISO/IEC 27001 Lead Auditor
  • 24 November 2025
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisie
ISO/IEC 27001 Lead Implementer
  • 15 December 2025
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisia
DORA Lead Manager
  • 22 December 2025
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisie
ISO/IEC 27005 Risk Manager
  • 26 January 2026
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisia
CISSP Training Session
  • 9 February 2026
  • 9h00 to 16h00
  • Les Berges du Lac, Tunis - Tunisie