Everything you do in information security is related to risk, and no matter your discipline, sharpening your ISRM skills will increase your value. This course will arm you with a practical risk framework and approach to prioritize and address risk.
Information security is a broad discipline, and security teams are increasingly strapped for time and resources. In this course, Implementing and Performing Risk Management with ISO/IEC 27005, you will find a practical framework to prioritize and orchestrate a comprehensive information security risk framework. First, you will learn about the internationally accepted risk management standard ISO/IEC 27005. Next, you will arm yourself with skills to establish the business risk context, assess business risks, and perform risk treatment. Finally, you will be equipped with meaningful approaches to effectively communicate and monitor your organization's risk. When you're finished with this course, you will have the knowledge and blueprint to coordinate a widely accepted framework and to bolster your organization's information security program.
Taylor Jones is a Data Security Officer and security enthusiast/evangelist who loves to teach. Taylor is passionate about overcoming modern security challenges through meaningful solutions that reduce complexity and provide measurable risk reduction.
Course Overview Hi everyone! My name is Taylor Jones, and welcome to my course, Implementing and Performing Risk Management with ISO/IEC 27005. I'm a data security officer and information security and risk enthusiast. In this course, we are going to arm you with an internationally accepted and practical framework for orchestrating information security risk management in your organization. Some of the major topics that we will cover include defining risk criteria to evaluate and treat risk, conducting risk assessment to analyze threats and vulnerabilities in business processes and assets, continually monitoring and improving your risk management framework, and we'll walk through the ISO 27005 standard so you can better understand the value of this widely accepted framework. By the end of this course, you will have the knowledge and blueprint to establish and coordinate an information security risk management program. Before beginning this course, you should be familiar with fundamental information security principles including understanding common threats to confidentiality, integrity, and availability, and having basic knowledge of information security risk will be helpful. I hope you'll join me on this journey to learn information security risk management with the Implementing and Performing Risk Management with ISO/IEC 27005 course at Pluralsight.