Information Security

ISO/IEC 27005 Professional certification

This 3-day intensive course will provide you with the necessary knowledge and skills to establish, implement and continuously improve effective information security risk management (ISRM) according to ISO/IEC 27005 in your organization. The course covers advanced topics such as risk treatment strategies, risk communication, risk acceptance and the integration of risk management into existing management systems. Through practical exercises and case studies, participants are optimally prepared for real-life application scenarios.

At the end of the course, each participant is free to take the TRECCERT ISO/IEC 27005 Professional exam directly at our own Schönbrunn TASC test center.

On-Site/Virtual

Prices from € 3,250 plus 19% VAT

Duration: 3 days

Level: Expert

Code: ISO-27005-PTC

CPEs: 24

Book online today or call us on +49 7031 2024742 if you need help choosing the right course or would like to discuss corporate discounts.


This course provides professionals with advanced knowledge of information security risk management in accordance with ISO/IEC 27005 - from risk treatment to communication.

Schönbrunn TASC is a TRECCERT Accredited Training Organization (ATO). This means that you have access to official TRECCERT course materials. You can take the ISO/IEC 27005 Professional exam online after the course. If you do not pass the exam on your first attempt (which we do not expect), our performance guarantee covers you - this means you train for free the second time.

  • You learn in small groups (max. 10 participants per course)
  • In-house modern training room and test center in a distraction-free, quiet atmosphere (PSI/ Pearson Vue/ Kryterion)
  • TRECCERT Authorized trainers with practical experience, who are continuously trained, guide you through the course
  • You will receive comprehensive official TRECCERT training materials, quizzes and exercises
  • Interactive discussions and group work will help you apply what you have learned
  • A light breakfast, lunch, snacks and drinks are provided throughout the day
  • Hotel recommendations near the training and test center
  • It is possible to take the exam at the Schönbrunn TASC test center afterwards

Participation in the ISO/IEC 27005 Professional training course requires basic knowledge and experience in the field of information security management, in particular:

  • Basic understanding of the ISO/IEC 27001 standard and its requirements
  • Experience in risk management
  • Knowledge of information security processes, threats and vulnerabilities
  • Participation in an ISO/IEC 27001 Foundation or Lead Implementer/Lead Auditor training course

The ISO/IEC 27005 Professional training course is aimed at professionals who wish to deepen their skills in the area of information security risk management, in particular:

  • Information security risk managers, team leaders or technicians
  • Business owner, COO, CIO, CISO
  • Risk Analyst, Model Risk Specialist, Risk Manager
  • Professionals responsible for identifying, assessing and managing information security risks
  • Individuals who work in an ISO/IEC 27001-compliant information security management system (ISMS) and would like to expand their knowledge of risk management

The training course has a modular structure and covers all key aspects of information security risk management in accordance with ISO/IEC 27005:

Module 1: Introduction to information security risk management

  • Fundamentals of information security
  • Basics of risk management
  • Definition and understanding of information security risks
  • Overview of the risk management process according to ISO/IEC 27005
  • Relationship between risk analysis and statement of applicability
  • Use of risk heat maps

Module 2: Context definition of the risk management process

  • Establishing the context
  • Definition of basic criteria for the risk management process
  • Definition of scope and boundaries
  • Structuring the organization in the context of risk management

Module 3: Information security risk analysis

  • Approaches to risk analysis
  • Identification of information security risks
  • Implementation of the risk analysis
  • Evaluation and prioritization of risks

Module 4: Handling information security risks

  • Options and techniques for risk treatment
  • Development of a risk treatment plan
  • Assessment of residual risks
  • Risk acceptance and documentation

Module 5: Communication and consultation in risk management

  • Overview of communication processes
  • Phases and planning of risk communication
  • Techniques for effective communication and consultation

Module 6: Monitoring and improving risk management

  • Overview of the monitoring and review process
  • Continuous monitoring and improvement of the risk management process

ISO/IEC 27005 Professional certification

  • Number of questions: 100
  • Duration: 120 minutes
  • Exam type: Multiple Choice, Closed Book
  • Exam mode: Online
  • Exam language: English
  • Pass mark: 60 %

Find your date for
ISO/IEC 27005 Professional certification

09.-11.02.2026

On-Site

duration: 3 days

18.-20.05.2026

On-Site

duration: 3 days
