Specialist - Data Security

Data Security Training

Our Data security workshops and courses help your organisation to protect digital data from the malicious actions of unauthorized users, such as a cyberattack or a data breach.

Please select the course that you’re interested in

Information Security Risk Management (2 days)

Course Overview


The course is designed for anyone who wants to learn about Identifying and analyzing information security risks, How risks can be evaluated, What treatments, controls and measures can be implemented in order to mitigate risks, Ongoing governance and risk monitoring processes.

The course is applicable to individuals from any size or type of organization who are currently involved in (or will be in the future) planning, implementing, maintaining, supervising or assessing information security, as part of an ISO/IEC 27001 ISMS or a standalone system.

With the increasing number of internal and external information security threats, organizations recognize the importance of adopting a formal risk management program. Without a mechanism to identify, analyze and manage information security risks, it’s difficult for organizations to prioritize their security remediation efforts and resource allocation and associated costs. This leaves organizations more susceptible to security breaches, which can lead to financial and reputational damage.

Building on the concepts and framework specified in ISO/IEC 27001, ISO/IEC 27005:2018 provides guidelines for adopting an information security risk management approach that is appropriate to all organizations.

This course aims to provide you with clear and practical guidance on the framework and steps involved to identify, analyse and manage information security risks. It will help you to review your existing risk treatments and controls and ensure they are appropriate to manage and reduce the identified risks. This will give you the confidence to get the most effective allocation of resources in place to address information security issues for your organization.


Attendees should have a basic knowledge of business processes and technology concepts. No specialized technical knowledge is assumed.


This is a Two-day Information Security Risk Management course. The course starts at 09:30 and runs until 16:30.

Alternate timings can be arranged upon request. The course can be held on a date that suits you.


Our Information Security Risk Management course will be delivered Online Remotely using online training platforms. It can also be run at our training venue near Liverpool Street (London) or any preferred location in the UK or Europe.

Information Security Risk Management Course Outline


Information security and risk management

ISO/IEC 27005:2018 Structure and approach

Typical implementation approach (methodology and integration with ISO/IEC 27002)


Identify potential threats and vulnerabilities to the organization’s people, processes and technology to enable IT risk analysis.

Develop IT risk scenarios

Establish an IT risk register


Identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation

Review the results of risk and control analysis to assess any gaps between current and desired states of the IT risk environment

Communicate the results of risk assessments to senior management and appropriate stakeholders


Consult with risk owners to select and align recommended risk responses with business objectives and enable informed risk decisions

Development of risk action plans

Design and implementation of mitigating controls


Define and establish key risk indicators (KRIs)

Monitor and analyze key risk indicators (KRIs)

Report on changes or trends related to the IT risk profile

Show more
One to One

(which includes a tailor-made training programme for the individual where they can mix and match the topics from various levels to get the most cost-effective training

Group for up to 8 learners
The Course outlines on our website are standard, however, we would be happy to tailor them to your specific requirements. Please call us on 020 3696 2796 or send us a message to discuss further.

What Our Clients Say


This is a sample of some of the Short training videos. Please note that you can get access to many more, once you have done a course with us and are registered as one of our delegates.