In this two-day intensive course, participants develop the competence to master a model for implementing risk management processes throughout their organization using the ISO 31000:2009 standard as a reference framework.
- To understand the concepts, methods and techniques that allow effective risk management according to ISO 31000
- To acquire the competence to implement, maintain and manage an ongoing risk management program according to ISO 31000
- To acquire the competence to effectively advise organizations on the best practices in risk management
- Concepts and definitions related to risk management.
- Risk management standards, frameworks and methodologies.
- Implementation of a risk management program.
- Understanding an organization and its context.
- Risk identification and risk analysis.
- Risk evaluation and risk treatment.
- Acceptance of information security risks and management of residual risks.
- Risk communication.
- Risk monitoring and review.
- Risk assessment tools recommended in ISO 31010.
- The exam covers the following competence domains:
- Domain 1: Fundamental concepts, approaches, methods and techniques of risk management.
- Domain 2: Implementation of a risk management program.
- Domain 3: Risk assessment based on ISO 31000.
The duration of the "Certified ISO 31000 Risk Manager" exam is 2 hours.